Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2021-25051

The Modal Window WordPress plugin before 5.2.2 within the wow-company admin menu page allows to include() arbitrary file with PHP extension (as well as with data:// or http:// protocols), thus leading to CSRF RCE.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.0%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 5.1
Products affected by CVE-2021-25051


Contact Us

Shodan ® - All rights reserved