cb
cvebase
.
~
/
products
/
mstore
/
mstore_api
Search CVEs, products, detections…
⌘K
pipeline live
Digest
Docs
Home
/
Products
/
mstore
/
Mstore Api
Mstore Api vulnerabilities
1 known vulnerability affecting
mstore/mstore_api
.
Track
Version
All versions
Total CVEs
1
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL
1
Vulnerabilities
Sort
Most important
Highest Priority
Highest EPSS
Highest CVSS
Newest
Oldest
Page 1 of 1
CVE-2021-47933
P2
CRITICAL
CVSS 9.8
v2.0.6
2026-05-10
CVE-2021-47933 [CRITICAL] CWE-306 CVE-2021-47933: WordPress MStore API 2.0.6 contains an arbitrary file upload vulnerability that allows unauthenticat WordPress MStore API 2.0.6 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to the REST API endpoint. Attackers can upload PHP files with arbitrary names to the config_file endpoint to achieve remote code execution on the server.
nvd
Mstore Api vulnerabilities | cvebase