Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
admin menu project admin menu vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2020-24316
WP Plugin Rednumber Admin Menu v1.1 and lower does not sanitize the value of the "role" GET parameter before echoing it back out to the user. This results in a reflected XSS vulnerability that attackers can exploit with a specially crafted URL.
Admin Menu Project Admin Menu
6.1
CVSSv3
CVE-2022-0625
The Admin Menu Editor WordPress plugin up to and including 1.0.4 does not sanitize and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.
Admin Menu Editor Project Admin Menu Editor
4.3
CVSSv3
CVE-2022-2275
The WP Edit Menu WordPress plugin prior to 1.5.0 does not have CSRF in an AJAX action, which could allow malicious users to make a logged in admin delete arbitrary posts/pages from the blog via a CSRF attack
Wp Edit Menu Project Wp Edit Menu
4.8
CVSSv3
CVE-2022-0684
The WP Home Page Menu WordPress plugin prior to 3.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Wp Home Page Menu Project Wp Home Page Menu
6.1
CVSSv3
CVE-2017-6509
Smith0r/burgundy-cms prior to 2017-03-06 is vulnerable to a reflected XSS in admin/components/menu/views/menuitems.php (id parameter).
Burgundy-cms Project Burgundy-cms
9.8
CVSSv3
CVE-2023-0257
A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /fos/admin/index.php?page=menu of the component Menu Form. The manipulation of the argument Image ...
Online Food Ordering System Project Online Food Ordering System 2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started