CVE-2012-1011

AllWebMenus WordPress Plugin 1.1.8 - Unauthenticated Arbitrary File Upload and Remote Code Execution

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-1011. PoCs published by 6Scan.

AI-analyzed exploit summary This exploit demonstrates an arbitrary file upload vulnerability in the AllWebMenus WordPress Menu Plugin versions < 1.1.9. The vulnerability allows unauthorized users to upload malicious files via the 'actions.php' script due to insufficient input validation and referrer checks.

Description

actions.php in the AllWebMenus plugin 1.1.8 for WordPress allows remote attackers to bypass intended access restrictions to upload and execute arbitrary PHP code by setting the HTTP_REFERER to a certain value, then uploading a ZIP file containing a PHP file, then accessing it via a direct request to the file in an unspecified directory.

Exploits (1)

exploitdb WORKING POC

by 6Scan · textwebappsphp

https://www.exploit-db.com/exploits/18407

View Code ZIP pw:eip

This exploit demonstrates an arbitrary file upload vulnerability in the AllWebMenus WordPress Menu Plugin versions < 1.1.9. The vulnerability allows unauthorized users to upload malicious files via the 'actions.php' script due to insufficient input validation and referrer checks.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: AllWebMenus WordPress Menu Plugin < 1.1.9

No auth needed

Prerequisites: Access to the target WordPress site · Ability to send HTTP requests to the vulnerable endpoint

MITRE ATT&CK

T1105 - Ingress Tool Transfer

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (6)

Core 6

Core References

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/18407

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/51615

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/72640

Patch x_refsource_confirm

http://wordpress.org/extend/plugins/allwebmenus-wordpress-menu-plugin/changelog/

Exploit mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2012-01/0137.html

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/47659

Scores

EPSS 0.0963

EPSS Percentile 94.9%

Details

CWE

CWE-264

Status published

Products (1)

likno/allwebmenus_plugin 1.1.8

Published Feb 07, 2012

Tracked Since Feb 18, 2026