Unrated severityNVD Advisory· Published Feb 7, 2012· Updated Apr 29, 2026
CVE-2012-1010
CVE-2012-1010
Description
Unrestricted file upload vulnerability in actions.php in the AllWebMenus plugin before 1.1.8 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a ZIP file containing a PHP file, then accessing it via a direct request to the file in an unspecified directory.
Affected products
22cpe:2.3:a:likno:allwebmenus_plugin:*:*:*:*:*:*:*:*+ 21 more
- cpe:2.3:a:likno:allwebmenus_plugin:*:*:*:*:*:*:*:*range: <=1.1.7
- cpe:2.3:a:likno:allwebmenus_plugin:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:likno:allwebmenus_plugin:1.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:likno:allwebmenus_plugin:1.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:likno:allwebmenus_plugin:1.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:likno:allwebmenus_plugin:1.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:likno:allwebmenus_plugin:1.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:likno:allwebmenus_plugin:1.0.19:*:*:*:*:*:*:*
- cpe:2.3:a:likno:allwebmenus_plugin:1.0.20:*:*:*:*:*:*:*
- cpe:2.3:a:likno:allwebmenus_plugin:1.0.21:*:*:*:*:*:*:*
- cpe:2.3:a:likno:allwebmenus_plugin:1.0.22:*:*:*:*:*:*:*
- cpe:2.3:a:likno:allwebmenus_plugin:1.0.23:*:*:*:*:*:*:*
- cpe:2.3:a:likno:allwebmenus_plugin:1.0.24:*:*:*:*:*:*:*
- cpe:2.3:a:likno:allwebmenus_plugin:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:likno:allwebmenus_plugin:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:likno:allwebmenus_plugin:1.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:likno:allwebmenus_plugin:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:likno:allwebmenus_plugin:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:likno:allwebmenus_plugin:1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:likno:allwebmenus_plugin:1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:likno:allwebmenus_plugin:1.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:likno:allwebmenus_plugin:1.1.6:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- archives.neohapsis.com/archives/bugtraq/2012-01/0137.htmlnvdExploit
- www.exploit-db.com/exploits/18407nvdExploit
- secunia.com/advisories/47659nvdVendor Advisory
- wordpress.org/extend/plugins/allwebmenus-wordpress-menu-plugin/changelog/nvd
- www.securityfocus.com/bid/51615nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/72640nvd
News mentions
0No linked articles in our index yet.