CVEs-PoC/2021/CVE-2021-24160.md

### [CVE-2021-24160](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24160)
![](https://img.shields.io/static/v1?label=Product&message=Responsive%20Menu%20%E2%80%93%20Create%20Mobile-Friendly%20Menu&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Responsive%20Menu%20Pro&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=4.0.4%3C%204.0.4%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload%20of%20File%20with%20Dangerous%20Type&color=brighgreen)

### Description

In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, subscribers could upload zip archives containing malicious PHP files that would get extracted to the /rmp-menu/ directory. These files could then be accessed via the front end of the site to trigger remote code execution and ultimately allow an attacker to execute commands to further infect a WordPress site.

### POC

#### Reference
- https://wpscan.com/vulnerability/066ba5d4-4aaa-4462-b106-500c1f291c37

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Hacker5preme/Exploits
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/SYRTI/POC_to_review
- https://github.com/WhooAmii/POC_to_review
- https://github.com/hnthuan1998/Exploit-CVE-2021-24160
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/manas3c/CVE-POC
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/trhacknon/Pocingit
- https://github.com/whoforget/CVE-POC
- https://github.com/youwizard/CVE-POC
- https://github.com/zecool/cve