Lucene search
Menu Image, Icons Made Easy Security Vulnerabilities
cve
The Menu Image, Icons made easy WordPress plugin before 3.0.6 does not have authorisation and CSRF checks when saving menu settings, and does not validate, sanitise and escape them. As a result, any authenticate users, such as subscriber can update the settings or arbitrary menu and put Cross-Site ...
5.4CVSS
5.4AI Score
0.001EPSS
2022-03-28 06:15 PM
53
cve
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Freshlight Lab Menu Image, Icons made easy allows Stored XSS.This issue affects Menu Image, Icons made easy: from n/a through 3.10.
5.9CVSS
5.4AI Score
0.0004EPSS
2023-12-21 03:15 PM
10