โ† Back to Dashboard

CVE-2021-47933

CRITICAL NVD
CVSS Score
9.8
Severity
CRITICAL
Source
NVD
Published
May 10, 2026
Description

WordPress MStore API 2.0.6 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to the REST API endpoint. Attackers can upload PHP files with arbitrary names to the config_file endpoint to achieve remote code execution on the server.

View Full Details โ† Back