In the Reponsive Menu (free and Pro) WordPress plugins prior to 4.0.4, attackers could craft a request and trick an administrator into importing all new settings. These settings could be modified to include malicious JavaScript, therefore allowing an malicious user to inject payloads that could aid in further infection of the site.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
expresstech responsive menu |