The WordPress Mega Menu plugin for WordPress is vulnerable to Arbitrary File Creation in versions up to, and including, 2.0.6 via the compiler_save AJAX action. This makes it possible for unauthenticated attackers to create arbitrary PHP files that can be used to execute malicious code.

CyberChef


The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis.

Listed: