CVE-2025-2710

A vulnerability was found in Yonyou UFIDA ERP-NC 5.0 and classified as problematic. This issue affects some unknown processing of the file /menu.jsp. The manipulation of the argument flag leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the...

CVE-2025-30560

Cross-Site Request Forgery CSRF vulnerability in Sana Ullah jQuery Dropdown Menu jquery-drop-down-menu-plugin allows Stored XSS.This issue affects jQuery Dropdown Menu: from n/a through = 3.0...

CVE-2025-30543

Missing Authorization vulnerability in swayam.tejwani Menu Duplicator copy-menu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Menu Duplicator: from n/a through = 1.0...

CVE-2025-30527

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codetoolbox My Bootstrap Menu my-bootstrap-menu allows Stored XSS.This issue affects My Bootstrap Menu: from n/a through = 1.2.1...

CVE-2025-30560 WordPress jQuery Dropdown Menu plugin <= 3.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Sana Ullah jQuery Dropdown Menu jquery-drop-down-menu-plugin allows Stored XSS.This issue affects jQuery Dropdown Menu: from n/a through = 3.0...

CVE-2025-30560

CVE-2025-30560 is a CSRF-to-Stored XSS vulnerability in the WordPress plugin jQuery Dropdown Menu (versions up to 3.0, affected from n/a through 3.0). The CVSS 3.1 score is 7.1 (High) with network attack vector, low attack complexity, no privileges required, but requires user interaction, and it ...

CVE-2025-30543 WordPress Menu Duplicator plugin <= 1.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in swayam.tejwani Menu Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Menu Duplicator: from n/a through 1.0...

CVE-2025-30543

CVE-2025-30543 affects the Menu Duplicator WordPress plugin (WordPress plugin: Menu Duplicator) with version up to 1.0, introducing a Missing Authorization vulnerability due to incorrectly configured access control. The issue, described as an Unauthorized/ Missing Authorization risk, could allow ...

CVE-2025-30543 WordPress Menu Duplicator plugin <= 1.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in swayam.tejwani Menu Duplicator copy-menu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Menu Duplicator: from n/a through = 1.0...

CVE-2025-30527

CVE-2025-30527 involves My Bootstrap Menu (WordPress plugin). The connected Wordfence vulnerability entry identifies the affected software as My Bootstrap Menu and states vulnerability from earlier versions up to 1.2.1, describing an "Authenticated" stored Cross-Site Scripting (XSS) due to improp...

CVE-2025-30527 WordPress My Bootstrap Menu plugin <= 1.2.1 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codetoolbox My Bootstrap Menu my-bootstrap-menu allows Stored XSS.This issue affects My Bootstrap Menu: from n/a through = 1.2.1...

CVE-2025-30527 WordPress My Bootstrap Menu plugin <= 1.2.1 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codetoolbox My Bootstrap Menu allows Stored XSS. This issue affects My Bootstrap Menu: from n/a through 1.2.1...

WordPress jQuery Dropdown Menu plugin <= 3.0 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin jQuery Dropdown Menu versions = 3.0...

WordPress Menu Duplicator plugin <= 1.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Menu Duplicator versions = 1.0...

WordPress My Bootstrap Menu plugin <= 1.2.1 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin My Bootstrap Menu versions = 1.2.1...

Yonyou UFIDA ERP-NC 代码注入漏洞

Yonyou UFIDA ERP-NC is a kind of Enterprise Resource Planning ERP software, which is mainly used for financial management, supply chain management, production management and customer relationship management of enterprises. Yonyou UFIDA ERP-NC suffers from a cross-site scripting vulnerability that...

WordPress plugin jQuery Dropdown Menu 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

WordPress plugin Menu Duplicator 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin My Bootstrap Menu 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Gotcha plugin <= 1.0.0 - Reflected Cross-Site Scripting via menu Parameter vulnerability

Reflected Cross-Site Scripting via menu Parameter vulnerability discovered by johska in WordPress Plugin Gotcha versions = 1.0.0...