3944 matches found
CVE-2025-1729
A DLL hijacking vulnerability was reported in TrackPoint Quick Menu software that, under certain conditions, could allow a local attacker to escalate privileges...
CVE-2025-1729
CVE-2025-1729 affects Lenovo TrackPoint Quick Menu (TPQMAssistant.exe). A DLL hijacking flaw allows a local attacker to escalate privileges by placing a malicious hostfxr.dll in the TPQM directory where the binary is launched; the TPQM folder is writable by standard users, enabling this. The issu...
CVE-2025-1729
A DLL hijacking vulnerability was reported in TrackPoint Quick Menu software that, under certain conditions, could allow a local attacker to escalate privileges...
Lenovo TrackPoint Quick Menu 安全漏洞
Lenovo TrackPoint Quick Menu is a shortcut menu program from the Chinese company Lenovo. A security vulnerability exists in Lenovo TrackPoint Quick Menu, which stems from the presence of a DLL hijacking vulnerability that could lead to elevation of privilege by a local attacker...
WordPress Restaurant Menu by MotoPress plugin <= 2.4.6 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Restaurant Menu by MotoPress versions = 2.4.6...
CVE-2025-54038
Cross-Site Request Forgery CSRF vulnerability in jetmonsters Restaurant Menu by MotoPress mp-restaurant-menu allows Cross Site Request Forgery.This issue affects Restaurant Menu by MotoPress: from n/a through = 2.4.6...
CVE-2025-54038 WordPress Restaurant Menu by MotoPress plugin <= 2.4.6 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in jetmonsters Restaurant Menu by MotoPress mp-restaurant-menu allows Cross Site Request Forgery.This issue affects Restaurant Menu by MotoPress: from n/a through = 2.4.6...
CVE-2025-54038 WordPress Restaurant Menu by MotoPress plugin <= 2.4.6 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in jetmonsters Restaurant Menu by MotoPress allows Cross Site Request Forgery. This issue affects Restaurant Menu by MotoPress: from n/a through 2.4.6...
CVE-2025-54038
CVE-2025-54038 affects Restaurant Menu by MotoPress (WordPress plugin)
org.webjars.npm:gip-recia__esco-content-menu (=0.3.4), org.webjars.npm:gip-recia__eyebrow-user-info (=0.6.2) +3 more potentially affected by CVE-2025-53892 via org.webjars.npm:vue-i18n (>=9.0.0-rc.9 <=9.14.3)
org.webjars.npm:vue-i18n MAVEN version =9.0.0-rc.9, =0.0.1, =1.12.0, =1.12.0, =1.40.2 Source cves: CVE-2025-53892 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-10771083...
WordPress plugin Restaurant Menu by MotoPress 跨站请求伪造漏洞
WordPress Restaurant Menu by MotoPress is a menu plugin designed for the restaurant industry that supports free downloads and can be enhanced by adding paid extensions. WordPress Restaurant Menu by MotoPress has a cross-site request forgery vulnerability, the vulnerability stems from the WEB...
PT-2025-29760 · Motopress · My Restaurant Menu
Name of the Vulnerable Software and Affected Versions: Restaurant Menu by MotoPress versions through 2.4.6 Description: The software contains a Cross-Site Request Forgery CSRF flaw. This issue allows attackers to perform actions on behalf of authenticated users without their knowledge...
WordPress Easy restaurant menu manager cross-site scripting vulnerability
WordPress Easy restaurant menu manager is a WordPress plugin for managing restaurant menus , the main features include uploading and editing restaurant menus online and embedding them into the website through short codes or links. A cross-site scripting vulnerability exists in WordPress Easy...
WordPress Easy restaurant menu manager plugin <= 2.0.1 - Authenticated (Contributot+) Stored Cross-Site Scripting via `nsc_eprm_menu_link` Shortcode vulnerability
Authenticated Contributot+ Stored Cross-Site Scripting via nsceprmmenulink Shortcode vulnerability discovered by Alex Thomas in WordPress Plugin Easy pdf restaurant menu upload versions = 2.0.1...
CVE-2024-11937
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's linkURL in the Mobile Menu element in all versions up to, and including, 4.10.69 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...
CVE-2024-11937 Premium Addons for Elementor <= 4.10.69 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's linkURL in the Mobile Menu element in all versions up to, and including, 4.10.69 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...
CVE-2025-6673 Easy restaurant menu manager <= 2.0.1 - Authenticated (Contributot+) Stored Cross-Site Scripting via `nsc_eprm_menu_link` Shortcode
The Easy restaurant menu manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's nsceprmmenulink shortcode in versions up to, and including 2.0.1, due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
PT-2025-27865 · WordPress · Easy Restaurant Menu Manager
Name of the Vulnerable Software and Affected Versions: Easy Restaurant Menu Manager plugin for WordPress versions up to and including 2.0.1 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the nsc eprm menu link shortcode. This...
Vivaldi 7.5: color, clarity, and control
Read this article in español, Deutsch, Français, русский, 日本語, język polski. This update brings both refinement and power. It’s a release shaped by your feedback and driven by our commitment to putting you in full control of your browser. With long-requested colored Tab Stacks, enhanced privacy...
CVE-2025-49448
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Fastw3b LLC FW Food Menu allows Path Traversal. This issue affects FW Food Menu : from n/a through 6.0.0...