Aggregates CVE and security vulnerability intelligence across all likno-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk input validation, with potential vendor impact unexpected behavior across vendor surface software deployment and vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2012-1011 | actions.php in the AllWebMenus plugin 1.1.8 for WordPress allows remote attackers to bypass intended access restrictions to upload and execute arbitrary PHP code by setting the HTTP_REFERER to a certain value, then uploading a ZIP file containing a PHP file, then accessing it via a direct request to the file in an unspecified directory. | [email protected] | 7.5 | 9.62% | 2012-02-07 | 2026-04-29 |
| CVE-2012-1010 | Unrestricted file upload vulnerability in actions.php in the AllWebMenus plugin before 1.1.8 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a ZIP file containing a PHP file, then accessing it via a direct request to the file in an unspecified directory. | [email protected] | 7.5 | 9.52% | 2012-02-07 | 2026-04-29 |
| CVE-2011-3981 | PHP remote file inclusion vulnerability in actions.php in the Allwebmenus plugin 1.1.3 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter. | [email protected] | 7.5 | 10.32% | 2011-10-04 | 2026-04-29 |