PatchSiren cyber security CVE debrief
CVE-2017-6104 Zen Mobile App Native Project CVE debrief
CVE-2017-6104 describes a remote file upload vulnerability affecting the WordPress plugin Mobile App Native through version 3.0. NVD rates it 7.5 HIGH with a network attack vector, low complexity, no privileges required, and no user interaction. The supplied record maps the issue to CWE-434, CWE-287, and CWE-732. Because the flaw is remotely reachable and concerns unauthorized upload behavior, affected WordPress sites should treat it as urgent and remove or remediate the plugin as soon as possible.
- Vendor: Zen Mobile App Native Project
- Product: CVE-2017-6104
- CVSS: HIGH 7.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2017-03-02
- Original CVE updated: 2026-05-13
- Advisory published: 2017-03-02
- Advisory updated: 2026-05-13
Who should care
WordPress site owners, administrators, managed hosting providers, and security teams responsible for plugin inventory, file-upload controls, and webroot monitoring.
Technical summary
The NVD record lists the affected CPE as zen_mobile_app_native_project:zen_mobile_app_native for versions up to and including 3.0. The CVSS v3.0 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) indicates a remotely reachable issue that requires no privileges or user interaction, with integrity impact as the main concern. The vulnerability is described as a remote file upload problem, and NVD associates it with CWE-434 (unrestricted upload), CWE-287 (improper authentication), and CWE-732 (incorrect permission assignment).
Defensive priority
High. The issue is remotely reachable, requires no privileges, and has publicly listed third-party advisory/exploit references in the supplied corpus, so exposed WordPress deployments should prioritize inventory and containment.
Recommended defensive actions
- Check all WordPress installations for the Mobile App Native plugin and verify whether any instance is at version 3.0 or earlier.
- Disable and remove affected installations if a trusted fixed version or replacement is not available.
- Restrict write and execute permissions for upload and plugin directories so unexpected uploaded files cannot be executed.
- Review web and application logs, along with the site webroot, for unexpected files or suspicious upload activity.
- If the plugin must remain in use, apply compensating controls and monitor closely until the component can be replaced or fully remediated.
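The inventory and webroot-review steps above can be scripted. This is an added example, not code from the NVD record or the plugin project. It assumes the standard WordPress layout (`wp-content/plugins`, `wp-content/uploads`) and that the plugin's header comment names it "Mobile App Native"; the plugin's directory name is not given in the source, so matching is done on the header instead.

```python
import re, sys
from pathlib import Path

PLUGIN_NAME = "mobile app native"   # product name from the advisory, lower-cased
MAX_AFFECTED = (3, 0, 0, 0)         # advisory: versions up to and including 3.0
# Assumption: extensions a PHP-enabled web server is commonly set to execute.
EXEC_EXT = {".php", ".phtml", ".php5", ".phar"}
HEADER = re.compile(r"^[ \t/*#@]*(Plugin Name|Version):[ \t]*(.+?)[ \t]*$", re.I | re.M)

def read_header(php_file):
    """Return (name, version) from a WordPress plugin header comment, or None."""
    try:
        head = php_file.read_text(errors="replace")[:8192]
    except OSError:
        return None
    fields = {k.lower(): v.strip() for k, v in HEADER.findall(head)}
    if "plugin name" not in fields:
        return None
    return fields["plugin name"], fields.get("version", "")

def is_affected(version):
    """True if version <= 3.0; an unreadable version is flagged for manual review."""
    nums = [int(n) for n in re.findall(r"\d+", version.split("-")[0])]
    if not nums:
        return True
    return tuple((nums + [0, 0, 0, 0])[:4]) <= MAX_AFFECTED

def audit(wp_root):
    """Return (affected plugin installs, executable-type files under uploads)."""
    content = Path(wp_root) / "wp-content"
    affected = []
    for php in sorted((content / "plugins").glob("*/*.php")):
        hdr = read_header(php)
        if hdr and PLUGIN_NAME in hdr[0].lower() and is_affected(hdr[1]):
            affected.append((php.parent.name, hdr[1]))
    # Uploaded media should never be script files; list any that are for review.
    suspicious = sorted(str(p.relative_to(wp_root))
                        for p in (content / "uploads").rglob("*")
                        if p.is_file() and p.suffix.lower() in EXEC_EXT)
    return affected, suspicious

if __name__ == "__main__":
    plugins, files = audit(sys.argv[1] if len(sys.argv) > 1 else ".")
    for slug, ver in plugins:
        print(f"AFFECTED plugin dir={slug} version={ver or 'unknown'}")
    for f in files:
        print(f"REVIEW {f}")
```

Run it with the WordPress root as the only argument. A `REVIEW` line is a prompt for manual inspection, not proof of compromise.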
Evidence notes
This debrief is based on the supplied NVD CVE record and the official CVE record link. The corpus provides the affected version range, CVSS vector, weakness mappings, and several third-party advisory/exploit references. No fixed remediation version or vendor patch notice was included in the supplied source corpus, so recommendations are limited to defensive containment and removal guidance.
Official resources
- CVE-2017-6104 CVE record (CVE.org)
- CVE-2017-6104 NVD detail (NVD)
- Source item URL (nvd_modified)
- Mitigation or vendor reference ([email protected] - Third Party Advisory, VDB Entry)
- Mitigation or vendor reference ([email protected] - Exploit, Third Party Advisory)
- Mitigation or vendor reference ([email protected] - Exploit, Third Party Advisory)
- Mitigation or vendor reference ([email protected] - Exploit, Third Party Advisory, VDB Entry)
The supplied CVE data shows this issue was published on 2017-03-02 and modified on 2026-05-13. This debrief uses those CVE dates for timing context only and does not infer any additional timeline facts. The corpus includes third-party advis