WordPress Dropdown Menu Widget Plugin <= 1.7.1 - CSRF and XSS

Because of this vulnerability, the attackers can hijack the authentication of arbitrary users for requests that insert cross-site scripting sequences.

Solution

           Update the plugin.