CVE-2025-27281

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in cookforweb All In Menu all-in-menu allows Blind SQL Injection.This issue affects All In Menu: from n/a through = 1.1.5...

CVE-2025-27281

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in cookforweb All In Menu all-in-menu allows Blind SQL Injection.This issue affects All In Menu: from n/a through = 1.1.5...

CVE-2025-27281 WordPress All In Menu Plugin <= 1.1.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in cookforweb All In Menu all-in-menu allows Blind SQL Injection.This issue affects All In Menu: from n/a through = 1.1.5...

CVE-2025-27281

CVE-2025-27281 is an authenticated SQL injection vulnerability in the WordPress plugin All In Menu (

CVE-2025-27281 WordPress All In Menu Plugin <= 1.1.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in cookforweb All In Menu all-in-menu allows Blind SQL Injection.This issue affects All In Menu: from n/a through = 1.1.5...

WordPress plugin All In Menu SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

CVE-2025-2213

A vulnerability was found in Castlenet CBW383G2N up to 20250301. It has been declared as problematic. This vulnerability affects unknown code of the file /wlanPrimaryNetwork.asp of the component Wireless Menu. The manipulation of the argument SSID with the input leads to cross site scripting. The...

CVE-2025-28913

Cross-Site Request Forgery CSRF vulnerability in Aftab Ali Muni WP Add Active Class To Menu Item wp-add-active-class-to-menu-item allows Cross Site Request Forgery.This issue affects WP Add Active Class To Menu Item: from n/a through = 1.0...

WordPress Hero Mega Menu plugin SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

CVE-2025-2213

A vulnerability was found in Castlenet CBW383G2N up to 20250301. It has been declared as problematic. This vulnerability affects unknown code of the file /wlanPrimaryNetwork.asp of the component Wireless Menu. The manipulation of the argument SSID with the input leads to cross site scripting. The...

CVE-2025-2213

A vulnerability was found in Castlenet CBW383G2N up to 20250301. It has been declared as problematic. This vulnerability affects unknown code of the file /wlanPrimaryNetwork.asp of the component Wireless Menu. The manipulation of the argument SSID with the input leads to cross site scripting. The...

CVE-2025-2213 Castlenet CBW383G2N Wireless Menu wlanPrimaryNetwork.asp cross site scripting

A vulnerability was found in Castlenet CBW383G2N up to 20250301. It has been declared as problematic. This vulnerability affects unknown code of the file /wlanPrimaryNetwork.asp of the component Wireless Menu. The manipulation of the argument SSID with the input leads to cross site scripting. The...

CVE-2025-2213 Castlenet CBW383G2N Wireless Menu wlanPrimaryNetwork.asp cross site scripting

A vulnerability was found in Castlenet CBW383G2N up to 20250301. It has been declared as problematic. This vulnerability affects unknown code of the file /wlanPrimaryNetwork.asp of the component Wireless Menu. The manipulation of the argument SSID with the input leads to cross site scripting. The...

CVE-2025-2213

The CVE-2025-2213 entry corresponds to Castlenet CBW383G2N (Wireless Menu /wlanPrimaryNetwork.asp). The vulnerability is a cross-site scripting flaw triggered by manipulating the SSID parameter (example payload: ). It can be exploited remotely and affects unknown code paths in the Wireless Menu c...

WordPress WP Add Active Class To Menu Item plugin <=1.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Thi Huyen Trang - Skalucy in WordPress Plugin WP Add Active Class To Menu Item versions = 1.0...

CVE-2025-28913

Cross-Site Request Forgery CSRF vulnerability in Aftab Ali Muni WP Add Active Class To Menu Item wp-add-active-class-to-menu-item allows Cross Site Request Forgery.This issue affects WP Add Active Class To Menu Item: from n/a through = 1.0...

CVE-2025-28913

CVE-2025-28913 is a CSRF vulnerability in the WP Add Active Class To Menu Item WordPress plugin, affecting versions up to 1.0. The connected sources confirm the issue and provide CVSS v3.1 base score 4.3 (Medium) but do not specify a patched version or concrete exploit details. No remediation ver...

CVE-2024-45328

FortiSandbox 4.4.0–4.4.6 contains an improper authorization vulnerability (CWE-863) that can let a low-privilege administrator execute elevated CLI commands via the GUI console menu. Affected component: FortiSandbox GUI/CLI integration (exact files/functions not detailed in the provided sources)....

WordPress plugin WP Add Active Class To Menu Item 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

CVE-2024-13778

The Hero Mega Menu - Responsive WordPress Menu Plugin plugin for WordPress is vulnerable to SQL Injection via several functions in all versions up to, and including, 1.16.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. Th...