How to fix EUVD-2026-13087?

EUVD-2026-13087

| CVE-2026-27067 CRITICAL

2026-03-19 [email protected]

9.1

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 19, 2026 - 09:22 euvd

EUVD-2026-13087

Analysis Generated

Mar 19, 2026 - 09:22 vuln.today

CVE Published

Mar 19, 2026 - 09:16 nvd

CRITICAL 9.1

Description

Unrestricted Upload of File with Dangerous Type vulnerability in Syarif Mobile App Editor allows Upload a Web Shell to a Web Server.This issue affects Mobile App Editor: from n/a through 1.3.1.

Analysis

The Mobile App Editor WordPress plugin contains an unrestricted file upload vulnerability that allows authenticated administrators to upload malicious web shells to the web server. This affects all versions through 1.3.1 and carries a critical CVSS score of 9.1 due to the potential for complete system compromise with changed scope. …

Remediation

Within 24 hours: Audit all administrator accounts for suspicious activity and review recent file uploads in the plugin directory; disable the Mobile App Editor plugin immediately if not actively used. Within 7 days: Identify all WordPress instances running this plugin, document business justification for continued use, and implement compensating controls for any systems where the plugin remains enabled. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +46

POC: 0

EUVD-2026-13087 vulnerability details – vuln.today

Back

EUVD-2026-13087

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

EUVD-2026-13087

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code