{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-27067", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-02-17T13:23:42.768Z", "datePublished": "2026-03-19T08:41:18.492Z", "dateUpdated": "2026-04-28T16:15:01.331Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "mobile-app-editor", "product": "Mobile App Editor", "vendor": "Syarif", "versions": [{"lessThanOrEqual": "1.3.1", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "NumeX | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-01T16:44:02.330Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Syarif Mobile App Editor mobile-app-editor allows Upload a Web Shell to a Web Server.<p>This issue affects Mobile App Editor: from n/a through <= 1.3.1.</p>"}], "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Syarif Mobile App Editor mobile-app-editor allows Upload a Web Shell to a Web Server.This issue affects Mobile App Editor: from n/a through <= 1.3.1."}], "impacts": [{"capecId": "CAPEC-650", "descriptions": [{"lang": "en", "value": "Upload a Web Shell to a Web Server"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-434", "description": "Unrestricted Upload of File with Dangerous Type", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:15:01.331Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/mobile-app-editor/vulnerability/wordpress-mobile-app-editor-plugin-1-3-1-arbitrary-file-upload-vulnerability?_s_id=cve"}], "title": "WordPress Mobile App Editor plugin <= 1.3.1 - Arbitrary File Upload vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-19T13:04:24.345000Z", "id": "CVE-2026-27067", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-19T13:04:48.542Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-27067", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-19T13:04:24.345000Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-19T13:04:29.241Z"}}], "cna": {"tags": ["x_open-source"], "title": "WordPress Mobile App Editor plugin <= 1.3.1 - Arbitrary File Upload vulnerability", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "NumeX | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-650", "descriptions": [{"lang": "en", "value": "CAPEC-650 Upload a Web Shell to a Web Server"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Syarif", "product": "Mobile App Editor", "versions": [{"status": "affected", "version": "n/a", "versionType": "custom", "lessThanOrEqual": "1.3.1"}], "packageName": "mobile-app-editor", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "references": [{"url": "https://patchstack.com/database/wordpress/plugin/mobile-app-editor/vulnerability/wordpress-mobile-app-editor-plugin-1-3-1-arbitrary-file-upload-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Syarif Mobile App Editor allows Upload a Web Shell to a Web Server.This issue affects Mobile App Editor: from n/a through 1.3.1.", "supportingMedia": [{"type": "text/html", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Syarif Mobile App Editor allows Upload a Web Shell to a Web Server.<p>This issue affects Mobile App Editor: from n/a through 1.3.1.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-19T08:41:18.492Z"}}}, "cveMetadata": {"cveId": "CVE-2026-27067", "state": "PUBLISHED", "dateUpdated": "2026-03-19T13:04:48.542Z", "dateReserved": "2026-02-17T13:23:42.768Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-03-19T08:41:18.492Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Syarif Mobile App Editor mobile-app-editor allows Upload a Web Shell to a Web Server.This issue affects Mobile App Editor: from n/a through <= 1.3.1."}, {"lang": "es", "value": "Una vulnerabilidad de carga sin restricciones de archivo con tipo peligroso en Syarif Mobile App Editor permite cargar un shell web a un servidor web. Este problema afecta a Mobile App Editor: desde n/a hasta 1.3.1."}], "id": "CVE-2026-27067", "lastModified": "2026-04-23T15:37:15.687", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "audit@patchstack.com", "type": "Secondary"}]}, "published": "2026-03-19T09:16:17.980", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/mobile-app-editor/vulnerability/wordpress-mobile-app-editor-plugin-1-3-1-arbitrary-file-upload-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.3.1]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Mobile App Editor", "source": "cna", "vendor": "Syarif"}, "product": "mobile_app_editor", "vendor": "syarif"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-28T22:13:59.593561+00:00", "value": {"mitigation_remediation": ["Upgrade the Mobile App Editor plugin to version 1.3.2 or newer.", "If immediate upgrade is not feasible, temporarily disable the plugin\u2019s upload feature or restrict its use to authenticated administrators only.", "Deploy server\u2011side file type validation and block uploads of dangerous extensions (e.g., .php, .phtml, .pl, .cgi, .asp, .aspx, .exe, .sh) to prevent arbitrary files from being stored."], "summary": {"action": "Immediate Patch", "impact": "Remote code execution via arbitrary file upload"}, "threat_synthesis": {"affected_systems": "WordPress users running the Mobile App Editor plugin from the Syarif collection, versions up to and including 1.3.1, are affected.", "description_and_impact": "This vulnerability allows an attacker to upload a file of any type through the plugin\u2019s upload interface. The upload mechanism does not enforce type restrictions, permitting a web\u2011shell file to be placed on the server. Deployment of such a file gives the attacker the ability to execute arbitrary commands on the web server, compromising confidentiality, integrity, and availability of the site.", "risk_and_exploitability": "The EPSS score is below 1% and the vulnerability is not listed in the KEV catalog, yet the impact is high because it enables remote code execution. An attacker could exploit the flaw simply by using the public upload feature of the plugin, likely without advanced prerequisites. The combination of unrestricted file upload and the ability to store a web shell creates a direct attack vector that, if used, can lead to full server compromise."}}}}, "created": "2026-03-20T08:57:01.333448+00:00", "updated": "2026-04-28T22:15:41.374433+00:00", "vendors": ["syarif", "syarif$PRODUCT$mobile_app_editor", "wordpress", "wordpress$PRODUCT$wordpress"]}