Security Advisory

CVE-2021-24942

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-12-26 12:28:21

Last updated 2025-04-14 13:01:26

Assigner WPScan

State PUBLISHED

Description

The Menu Item Visibility Control WordPress plugin through 0.5 doesnt sanitize and validate the "Visibility logic" option for WordPress menu items, which could allow highly privileged users to execute arbitrary PHP code even in a hardened environment.

← Browse all CVEs View on cve.org ↗