Security Advisory

CVE-2015-2791

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-03-30 14:00:00
Last updated 2024-08-06 05:24:38
Assigner mitre
State PUBLISHED

Description

The "menu sync" function in the WPML plugin before 3.1.9 for WordPress allows remote attackers to delete arbitrary posts, pages, and menus via a crafted request to sitepress-multilingual-cms/menu/menus-sync.php.