CVE-2025-49442 WordPress Simple Nested Menu <= 1.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mostafa Shahiri Simple Nested Menu allows Stored XSS. This issue affects Simple Nested Menu: from n/a through 1.0...

CVE-2025-49442

CVE-2025-49442 is a Stored XSS in the Simple Nested Menu WordPress plugin (affected: Simple Nested Menu

CVE-2025-49242 WordPress Bellows Accordion Menu plugin <= 1.4.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sevenspark Bellows Accordion Menu bellows-accordion-menu allows Stored XSS.This issue affects Bellows Accordion Menu: from n/a through = 1.4.3...

CVE-2025-49243 WordPress ShiftNav – Responsive Mobile Menu plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sevenspark ShiftNav – Responsive Mobile Menu shiftnav-responsive-mobile-menu allows Stored XSS.This issue affects ShiftNav – Responsive Mobile Menu: from n/a through = 1.8...

CVE-2025-49242 WordPress Bellows Accordion Menu plugin <= 1.4.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sevenspark Bellows Accordion Menu bellows-accordion-menu allows Stored XSS.This issue affects Bellows Accordion Menu: from n/a through = 1.4.3...

CVE-2025-49243 WordPress ShiftNav – Responsive Mobile Menu plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sevenspark ShiftNav – Responsive Mobile Menu shiftnav-responsive-mobile-menu allows Stored XSS.This issue affects ShiftNav – Responsive Mobile Menu: from n/a through = 1.8...

CVE-2025-49242

CVE-2025-49242 is a stored XSS vulnerability in Bellows Accordion Menu for WordPress (Improper Neutralization of Input During Web Page Generation). Affected versions: Bellows Accordion Menu up to and including 1.4.3. Impact per available docs: stored cross-site scripting; remediation is to update...

CVE-2025-49243

CVE-2025-49243 concerns ShiftNav – Responsive Mobile Menu (Sevenspark). Vulnerability: Stored Cross-Site Scripting due to improper input neutralization during web page generation. Affects ShiftNav from earlier versions up to 1.8 (no public details beyond that). Impact: could allow stored XSS payl...

WordPress plugin Simple Nested Menu 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...

WordPress plugin ShiftNav – Responsive Mobile Menu 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

WordPress plugin Bellows Accordion Menu 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

PT-2025-24265 · Unknown · Mostafa Shahiri Simple Nested Menu

Name of the Vulnerable Software and Affected Versions: Mostafa Shahiri Simple Nested Menu versions n/a through 1.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an...

PT-2025-24205 · Sevenspark · Sevenspark Bellows Accordion Menu

Name of the Vulnerable Software and Affected Versions: sevenspark Bellows Accordion Menu versions 1.4.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an...

BIT-JOOMLA-2024-40748 [20250102] - Core - XSS vector in the id attribute of menu lists

Lack of output escaping in the id attribute of menu lists...

CVE-2025-5628

A vulnerability, which was classified as problematic, has been found in SourceCodester Food Menu Manager 1.0. Affected by this issue is some unknown functionality of the file /index.php of the component Add Menu Handler. The manipulation of the argument name/description leads to cross site...

CVE-2025-5628

A vulnerability, which was classified as problematic, has been found in SourceCodester Food Menu Manager 1.0. Affected by this issue is some unknown functionality of the file /index.php of the component Add Menu Handler. The manipulation of the argument name/description leads to cross site...

CVE-2025-5628

CVE-2025-5628 affects SourceCodester Food Menu Manager 1.0. The vulnerability lies in the Add Menu Handler’s file, specifically the /index.php, where manipulation of the name/description parameter enables a cross-site scripting (XSS) attack. The issue can be triggered remotely and the exploit has...

CVE-2025-5628 SourceCodester Food Menu Manager Add Menu index.php cross site scripting

A vulnerability, which was classified as problematic, has been found in SourceCodester Food Menu Manager 1.0. Affected by this issue is some unknown functionality of the file /index.php of the component Add Menu Handler. The manipulation of the argument name/description leads to cross site...

CVE-2025-5628 SourceCodester Food Menu Manager Add Menu index.php cross site scripting

A vulnerability, which was classified as problematic, has been found in SourceCodester Food Menu Manager 1.0. Affected by this issue is some unknown functionality of the file /index.php of the component Add Menu Handler. The manipulation of the argument name/description leads to cross site...

WordPress Bellows Accordion Menu plugin <= 1.4.3 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Bellows Accordion Menu versions = 1.4.3...