CVE-2025-32492

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Eliot Akira Admin Menu Post List admin-menu-post-list allows Stored XSS.This issue affects Admin Menu Post List: from n/a through = 2.0.7...

CVE-2025-32477

Cross-Site Request Forgery CSRF vulnerability in Jordi Salord WP-Easy Menu wp-easy-menu allows Stored XSS.This issue affects WP-Easy Menu: from n/a through = 0.41...

CVE-2025-31017

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Robert Noakes Nav Menu Manager noakes-menu-manager allows Stored XSS.This issue affects Nav Menu Manager: from n/a through = 3.2.5...

CVE-2025-31017 WordPress Nav Menu Manager plugin <= 3.2.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Robert Noakes Nav Menu Manager noakes-menu-manager allows Stored XSS.This issue affects Nav Menu Manager: from n/a through = 3.2.5...

CVE-2025-31017 WordPress Nav Menu Manager plugin <= 3.2.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Robert Noakes Nav Menu Manager noakes-menu-manager allows Stored XSS.This issue affects Nav Menu Manager: from n/a through = 3.2.5...

CVE-2025-31017

CVE-2025-31017: Nav Menu Manager suffers an authenticated Stored XSS (CWE) in versions up to 3.2.5. The vulnerability can be exploited by an attacker with at least Contributor privileges via stored input that is rendered on web pages, potentially impacting confidentiality, integrity, and availabi...

CVE-2025-32477 WordPress WP-Easy Menu plugin <= 0.41 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Jordi Salord WP-Easy Menu allows Stored XSS. This issue affects WP-Easy Menu: from n/a through 0.41...

CVE-2025-32477

CVE-2025-32477 - WP-Easy Menu is a CSRF-driven vulnerability that can lead to Stored XSS in WP-Easy Menu versions up to 0.41. The CVSS 3.1 base score is 7.1 (HIGH) with attack vector Network, attack complexity Low, privileges required None, user interaction Required, and impact on confidentiality...

CVE-2025-32477 WordPress WP-Easy Menu plugin <= 0.41 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Jordi Salord WP-Easy Menu wp-easy-menu allows Stored XSS.This issue affects WP-Easy Menu: from n/a through = 0.41...

CVE-2025-32492 WordPress Admin Menu Post List <= 2.0.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Eliot Akira Admin Menu Post List allows Stored XSS. This issue affects Admin Menu Post List: from n/a through 2.0.7...

CVE-2025-32492

CVE-2025-32492 is an authenticated, stored XSS vulnerability in the WordPress plugin Admin Menu Post List (affected: Admin Menu Post List

CVE-2025-32492 WordPress Admin Menu Post List plugin <= 2.0.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Eliot Akira Admin Menu Post List admin-menu-post-list allows Stored XSS.This issue affects Admin Menu Post List: from n/a through = 2.0.7...

WordPress plugin WP-Easy Menu 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forge...

WordPress plugin Nav Menu Manager 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-15727 · Unknown · Nav Menu Manager

Name of the Vulnerable Software and Affected Versions: Nav Menu Manager versions 3.2.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject...

PT-2025-15759 · WordPress · Wp-Easy Menu

Name of the Vulnerable Software and Affected Versions: Jordi Salord WP-Easy Menu versions 0.41 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. Recommendations: For Jordi Salord WP-Easy Menu versions 0.41 and earlier, update to a versio...

CVE-2025-28409

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the add method of the /add/parentId endpoint does not properly validate whether the requesting user has permission to add a menu item under the specified parentId...

CVE-2025-3332

A vulnerability, which was classified as critical, was found in codeprojects Online Restaurant Management System 1.0. Affected is an unknown function of the file /admin/menusave.php. The manipulation of the argument menu leads to sql injection. It is possible to launch the attack remotely. The...

CVE-2025-3333

A vulnerability has been found in codeprojects Online Restaurant Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/menuupdate.php. The manipulation of the argument menu leads to sql injection. The attack can be launched...

CVE-2025-28409

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the add method of the /add/parentId endpoint does not properly validate whether the requesting user has permission to add a menu item under the specified parentId...