Vulnerability CVE-2021-24942


Published: 2022-12-26

Description:
The Menu Item Visibility Control WordPress plugin through 0.5 doesn't sanitize and validate the "Visibility logic" option for WordPress menu items, which could allow highly privileged users to execute arbitrary PHP code even in a hardened environment.

Type:

CWE-94

(Improper Control of Generation of Code ('Code Injection'))

 References:
https://wpscan.com/vulnerability/eaa28832-74c1-4cd5-9b0f-02338e23b418

Copyright 2026, cxsecurity.com

 

Back to Top