CVE-2021-47933

Published May 10th, 2026

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

N/A

Affected

PROJECT

Description

WordPress MStore API 2.0.6 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to the REST API endpoint. Attackers can upload PHP files with arbitrary names to the config_file endpoint to achieve remote code execution on the server.

MStore API – Create Native Android & iOS Apps On The Cloud

<p>Take your WordPress store mobile with MStore API!</p> <p>This plugin bridges the gap between your WordPress website and the powerful FluxBuilder app builder. By enabling the REST API, MStore API seamlessly connects your store data (products, users, orders) to <a href="https://www.fluxbuilder.com" rel="nofollow ugc">FluxBuilder App</a>, allowing you to create a custom mobile app for your business without writing any code.</p> <span class="embed-youtube" style="text-align:center; display: block;"><iframe loading="lazy" class="youtube-player" width="750" height="422" src="https://www.youtube.com/embed/xJ9EQmSw1XU?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent" allowfullscreen="true" style="border:0;" sandbox="allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox"></iframe></span> <h3>Key benefits:</h3> <ul> <li><strong>Effortless mobile app creation</strong>: Leverage FluxBuilder’s drag-and-drop interface and pre-built templates to design your dream mobile app.</li> <li><strong>Seamless data integration</strong>: MStore API ensures smooth communication between your WordPress store and the mobile app, keeping product information, user accounts, and orders in sync.</li> <li><strong>Enhanced customer experience</strong>: Offer a convenient mobile shopping experience to your customers, boosting engagement and sales.</li> </ul> <p>Ready to go mobile? Download the MStore API plugin and unlock the power of FluxBuilder for your WordPress store!</p> <h3>Reference links</h3> <ul> <li>FluxBuilder – Flutter App Builder: <a href="https://www.fluxbuilder.com" rel="nofollow ugc">https://www.fluxbuilder.com</a></li> <li>Guide to use: <a href="https://docs.fluxbuilder.com" rel="nofollow ugc">docs.fluxbuilder.com</a></li> <li>Download The App Builder: <a href="https://www.fluxbuilder.com/download" rel="nofollow ugc">fluxbuilder.com/download</a></li> <li>Showcase: <a href="https://showcase.fluxbuilder.com" rel="nofollow ugc">https://showcase.fluxbuilder.com</a></li> <li><a href="https://www.youtube.com/inspireui?sub_confirmation=1" rel="nofollow ugc">YouTube</a></li> <li><a href="https://www.facebook.com/groups/1401824449973438" rel="nofollow ugc">Facebook</a></li> <li><a href="https://docs.fluxbuilder.com" rel="nofollow ugc">Document</a></li> </ul>

WordPress Plugin Directory

299K