3 matches found
CVE-2023-5509
The myStickymenu WordPress plugin before 2.6.5 does not adequately authorize some ajax calls, allowing any logged-in user to perform the actions...
CVE-2023-5509
The myStickymenu WordPress plugin before 2.6.5 does not adequately authorize some ajax calls, allowing any logged-in user to perform the actions...
CVE-2023-5509
The CVE concerns the WordPress plugin myStickymenu, prior to version 2.6.5. The vulnerability stems from insufficient authorization of certain AJAX calls, which permits any logged-in user (e.g., subscribers) to perform actions such as deleting form leads, as highlighted by the CVE entry and corro...