PT-2024-27731 · Digiteam · Digiteam

Name of the Vulnerable Software and Affected Versions: Digiteam version 4.21.0.0 Description: The issue is related to improper access control in the endpoint "/RoleMenuMapping/AddRoleMenu" of Digiteam, allowing authenticated attackers to escalate privileges. Recommendations: For Digiteam version...

CVE-2024-54381

Missing Authorization vulnerability in Dotstore Advance Menu Manager advance-menu-manager.This issue affects Advance Menu Manager: from n/a through = 3.1.1...

CVE-2024-54381 WordPress Advance Menu Manager plugin <= 3.1.1 - Settings Change vulnerability

Missing Authorization vulnerability in Dotstore Advance Menu Manager advance-menu-manager.This issue affects Advance Menu Manager: from n/a through = 3.1.1...

CVE-2024-54381

CVE-2024-54381 affects the WordPress plugin Advance Menu Manager (affected: v1.x and below; from n/a through 3.1.1). The issue is a Missing Authorization vulnerability that could allow an unauthenticated actor to perform a settings-change operation on the plugin. The Red Hat and Wordfence entries...

CVE-2024-52485

Missing Authorization vulnerability in Yudiz Solutions Ltd. WP Menu Image wp-menu-image allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Menu Image: from n/a through = 2.2...

WordPress plugin WP Menu Image 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

WordPress plugin Advance Menu Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-35326 · WordPress · Wp Menu Image

Name of the Vulnerable Software and Affected Versions: WP Menu Image versions through 2.2 Description: The issue is related to a Missing Authorization vulnerability in WP Menu Image, which allows exploiting incorrectly configured access control security levels. Recommendations: For versions throu...

PT-2024-36267 · Dotstore · Dotstore Advance Menu Manager

Name of the Vulnerable Software and Affected Versions: Dotstore Advance Menu Manager versions 3.1.1 and earlier Description: The issue is related to a Missing Authorization vulnerability in the Dotstore Advance Menu Manager. This vulnerability allows for unauthorized access. Recommendations: For...

WordPress WP Menu Image plugin <= 2.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Marek Mikita Patchstack Alliance in WordPress Plugin WP Menu Image versions = 2.2...

CVE-2024-54310

Missing Authorization vulnerability in Aslam Khan Gouran Gou Manage My Account Menu gou-wc-account-tabs allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Gou Manage My Account Menu: from n/a through = 1.0.1.8...

CVE-2024-54282

Deserialization of Untrusted Data vulnerability in Themeum WP Mega Menu wp-megamenu allows Object Injection.This issue affects WP Mega Menu: from n/a through = 1.4.2...

CVE-2024-54310 WordPress Gou Manage My Account Menu plugin <= 1.0.1.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Aslam Khan Gouran Gou Manage My Account Menu gou-wc-account-tabs allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Gou Manage My Account Menu: from n/a through = 1.0.1.8...

CVE-2024-54282 WordPress WP Mega Menu plugin <= 1.4.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Themeum WP Mega Menu wp-megamenu allows Object Injection.This issue affects WP Mega Menu: from n/a through = 1.4.2...

CVE-2024-54282 WordPress WP Mega Menu plugin <= 1.4.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Themeum WP Mega Menu allows Object Injection.This issue affects WP Mega Menu: from n/a through 1.4.2...

CVE-2024-54282

CVE-2024-54282 is a Deserialization of Untrusted Data vulnerability in WP Mega Menu (Themeum). The connected RH/Wordfence entries show an Authenticated (Administrator+) PHP Object Injection via deserialization affecting WP Mega Menu versions up to 1.4.2. Remediation is to upgrade to a non-affecte...

WordPress plugin WP Mega Menu 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

WordPress plugin Duplicate Post Page Menu & Custom Post Type 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress plugin Duplica...

PT-2024-12569 · WordPress · Duplicate Post Page Menu & Custom Post Type

Name of the Vulnerable Software and Affected Versions: Duplicate Post Page Menu & Custom Post Type versions 2.3.1 through 2.4.1 Description: The issue affects the Duplicate Post Page Menu & Custom Post Type plugin, allowing for broken access control due to missing authorization. This enables...

PT-2024-36163 · Themeum · Wp Mega Menu

Name of the Vulnerable Software and Affected Versions: WP Mega Menu versions 1.4.2 and earlier Description: The issue is related to Deserialization of Untrusted Data, which allows Object Injection in Themeum WP Mega Menu. Recommendations: For WP Mega Menu versions 1.4.2 and earlier, update to a...