The WordPress Mega Menu plugin for WordPress is vulnerable to Arbitrary File Creation in versions up to, and including, 2.0.6 via the compiler_save AJAX action. This makes it possible for unauthenticated attackers to create arbitrary PHP files that can be used to execute malicious code.
#RESOURCE

The Ultimate Cybersecurity Resource List. A curated directory of cybersecurity tools and resources for infosec professionals.

Resources + Guides Stay safe online.Our collection of digital resources, at your virtual fingertips.We want to make it easy for everyone to learn more.

The Computer Security Resource Center (CSRC) has information on many of NIST's cybersecurity- and information security-related projects, publications, news and events. CSRC supports people and organizations in government, industry, and academia—both in the U.S. and internationally.

Commands, Payloads and Resources for the OffSec Certified Professional Certification (OSCP).

Check out the Synack Resource Hub for the latest company events, news, and research.