CVE-2025-3748 Taxonomy Chain Menu <= 1.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via pn_chain_menu Shortcode

The Taxonomy Chain Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's pnchainmenu shortcode in all versions up to, and including, 1.0.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-3748

The CVE-2025-3748 entry concerns the WordPress plugin Taxonomy Chain Menu (Taxonomy Chain Menu) with a Stored Cross-Site Scripting (XSS) vulnerability. Affected versions are up to and including 1.0.8, where insufficient input sanitization and output escaping on user-supplied attributes in the pn_...

WordPress plugin Taxonomy Chain Menu 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability exis...

PT-2025-18758 · WordPress · Taxonomy Chain Menu

Name of the Vulnerable Software and Affected Versions: Taxonomy Chain Menu plugin for WordPress versions up to, and including, 1.0.8 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping on user-supplied attributes in the pn...

WordPress Taxonomy Chain Menu plugin <= 1.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via pn_chain_menu Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via pnchainmenu Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin Taxonomy Chain Menu versions = 1.0.8...

CVE-2025-32548

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in borisolhor Hamburger Icon Menu Lite allows Reflected XSS. This issue affects Hamburger Icon Menu Lite: from n/a through 1.0...

Exploit for SQL Injection in Code-Projects Patient_Record_Management_System

CVE-2025-32433 Erlang SSH Library Exploit A proof-of-concept...

CVE-2025-32548

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in borisolhor Hamburger Icon Menu Lite allows Reflected XSS. This issue affects Hamburger Icon Menu Lite: from n/a through 1.0...

CVE-2025-32548 WordPress Hamburger Icon Menu Lite Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in borisolhor Hamburger Icon Menu Lite allows Reflected XSS. This issue affects Hamburger Icon Menu Lite: from n/a through 1.0...

CVE-2025-32548

CVE-2025-32548 describes a Reflected XSS in the WordPress plugin “Hamburger Icon Menu Lite,” caused by improper input neutralization during web page generation. The vulnerability affects the plugin as released up to version 1.0 (listed as affected “from n/a through 1.0”). The initial documents co...

CVE-2025-32548 WordPress Hamburger Icon Menu Lite Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in borisolhor Hamburger Icon Menu Lite allows Reflected XSS. This issue affects Hamburger Icon Menu Lite: from n/a through 1.0...

PT-2025-17111 · Unknown · Hamburger Icon Menu Lite

Name of the Vulnerable Software and Affected Versions: Hamburger Icon Menu Lite versions 1.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an attacker ca...

WordPress plugin Hamburger Icon Menu Lite 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2025-2871

CVE-2025-2871 pertains to WordPress Mega Menu – QuadMenu. A CSRF flaw in ajax_dismiss_notice() with missing nonce validation affects all versions up to 3.2.0, enabling unauthenticated attackers to update any user meta (including wp_capabilities) via a forged request if a site admin is tricked int...

PT-2025-16162 · WordPress · Wordpress Mega Menu – Quadmenu

Name of the Vulnerable Software and Affected Versions: The WordPress Mega Menu – QuadMenu plugin for WordPress versions up to, and including, 3.2.0 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the ajax dismiss notice function. Thi...

CVE-2025-32492

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Eliot Akira Admin Menu Post List admin-menu-post-list allows Stored XSS.This issue affects Admin Menu Post List: from n/a through = 2.0.7...

CVE-2025-31017

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Robert Noakes Nav Menu Manager noakes-menu-manager allows Stored XSS.This issue affects Nav Menu Manager: from n/a through = 3.2.5...

CVE-2025-32477

Cross-Site Request Forgery CSRF vulnerability in Jordi Salord WP-Easy Menu wp-easy-menu allows Stored XSS.This issue affects WP-Easy Menu: from n/a through = 0.41...

WordPress plugin WP Food ordering and Restaurant Menu 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Hamburger Icon Menu Lite Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh in WordPress Plugin Hamburger Icon Menu Lite versions = 1.0...