
3948 matches found

CNNVD
added 2024/09/07 12:0 a.m. · 4 views

Online Food Menu SQL Injection Vulnerability

Online Food Menu is an online food menu by rems individual developer. A SQL injection vulnerability exists in Online Food Menu version 1.0, which originates from a SQL injection vulnerability in the menu parameter of the /endpoint/delete-menu.php file...

CVSS 7.2 · AI score 5.7 · EPSS 0.00412
Exploits 0 · References 5

Positive Technologies
added 2024/09/07 12:0 a.m. · 4 views

PT-2024-39096 · Sourcecodester · Sourcecodester Online Food Menu

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Food Menu version 1.0
Description: A critical issue has been found in the processing of the file /endpoint/delete-menu.php. The manipulation of the argument menu leads to SQL injection. The attack may be initiated...

CVSS 7.2 · AI score 5.8 · EPSS 0.00412
Exploits 0 · References 11

OSV
added 2024/09/05 2:15 p.m. · 2 views

CVE-2024-44587

itsourcecode Alton Management System 1.0 is vulnerable to SQL Injection in /noncombosave.php via the "menu" parameter...

CVSS 8.8 · AI score 5.8 · EPSS 0.00543
Exploits 1 · References 1

NVD
added 2024/09/05 2:15 p.m. · 18 views

CVE-2024-44587

itsourcecode Alton Management System 1.0 is vulnerable to SQL Injection in /noncombosave.php via the "menu" parameter...

CVSS 8.8 · EPSS 0.00543
Exploits 1 · References 1

OSV
added 2024/09/05 11:15 a.m. · 4 views

CVE-2024-7380

The Geo Controller plugin for WordPress is vulnerable to unauthorized menu creation/deletion due to missing capability checks on the ajax__geolocate_menu and ajax__geolocate_remove_menu functions in all versions up to, and including, 8.6.9. This makes it possible for authenticated attackers, with...

CVSS 4.3 · AI score 5.8 · EPSS 0.00266
Exploits 0 · References 3

NVD
added 2024/09/05 11:15 a.m. · 14 views

CVE-2024-7380

The Geo Controller plugin for WordPress is vulnerable to unauthorized menu creation/deletion due to missing capability checks on the ajax__geolocate_menu and ajax__geolocate_remove_menu functions in all versions up to, and including, 8.7.3. This makes it possible for authenticated attackers, with...

CVSS 4.3 · EPSS 0.00266
Exploits 0 · References 2

Cvelist
added 2024/09/05 11:0 a.m. · 22 views

CVE-2024-7380 Geo Controller <= 8.7.3 - Missing Authorization to Authenticated (Subscriber+) Menu Creation/Deletion

The Geo Controller plugin for WordPress is vulnerable to unauthorized menu creation/deletion due to missing capability checks on the ajax__geolocate_menu and ajax__geolocate_remove_menu functions in all versions up to, and including, 8.7.3. This makes it possible for authenticated attackers, with...

CVSS 4.3 · EPSS 0.00266
Exploits 0 · References 2

Vulnrichment
added 2024/09/05 11:0 a.m. · 10 views

CVE-2024-7380 Geo Controller <= 8.7.3 - Missing Authorization to Authenticated (Subscriber+) Menu Creation/Deletion

The Geo Controller plugin for WordPress is vulnerable to unauthorized menu creation/deletion due to missing capability checks on the ajax__geolocate_menu and ajax__geolocate_remove_menu functions in all versions up to, and including, 8.7.3. This makes it possible for authenticated attackers, with...

CVSS 4.3 · AI score 5.9 · EPSS 0.00266
Exploits 0 · References 2

CVE
added 2024/09/05 11:0 a.m. · 60 views

CVE-2024-7380

CVE-2024-7380 — Geo Controller (WordPress) security issue: The Geo Controller plugin (WordPress) up to and including version 8.6.9 is vulnerable to unauthorized menu creation/deletion due to missing capability checks in ajax__geolocate_menu and ajax__geolocate_remove_menu. Affected product: Geo ...

CVSS 4.3 · AI score 5.9 · EPSS 0.00266
Exploits 0 · References 2 · Affected Software 1

Cvelist
added 2024/09/05 12:0 a.m. · 19 views

CVE-2024-44587

itsourcecode Alton Management System 1.0 is vulnerable to SQL Injection in /noncombosave.php via the "menu" parameter...

EPSS 0.00543
Exploits 1 · References 1

Vulnrichment
added 2024/09/05 12:0 a.m. · 19 views

CVE-2024-44587

itsourcecode Alton Management System 1.0 is vulnerable to SQL Injection in /noncombosave.php via the "menu" parameter...

AI score 7.7 · EPSS 0.00543
Exploits 1 · References 1

CNNVD
added 2024/09/05 12:0 a.m. · 3 views

WordPress plugin Geo Controller Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

CVSS 4.3 · AI score 6.3 · EPSS 0.00266
Exploits 0 · References 4

Positive Technologies
added 2024/09/05 12:0 a.m. · 4 views

PT-2024-38310 · WordPress · Geo Controller

Name of the Vulnerable Software and Affected Versions: Geo Controller plugin for WordPress versions up to, and including, 8.6.9
Description: The issue arises from missing capability checks on the ajax geolocate menu and ajax geolocate remove menu functions, allowing authenticated attackers with...

CVSS 4.3 · AI score 6.4 · EPSS 0.00266
Exploits 0 · References 10

OSV
added 2024/08/29 3:15 p.m. · 2 views

CVE-2024-38793

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in PriceListo Best Restaurant Menu by PriceListo allows SQL Injection. This issue affects Best Restaurant Menu by PriceListo: from n/a through 1.4.1...

CVSS 8.8 · AI score 5.8 · EPSS 0.01178
Exploits 1 · References 1

CVE
added 2024/08/29 2:7 p.m. · 60 views

CVE-2024-38793

CVE-2024-38793 is a SQL Injection in the WordPress plugin Best Restaurant Menu by PriceListo (versions

CVSS 8.8 · AI score 9 · EPSS 0.01178
Exploits 1 · References 1 · Affected Software 1

CNNVD
added 2024/08/29 12:0 a.m. · 5 views

WordPress plugin Best Restaurant Menu Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exist...

CVSS 8.8 · AI score 7.8 · EPSS 0.01178
Exploits 1 · References 2

NVD
added 2024/08/22 3:15 a.m. · 20 views

CVE-2024-5583

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the carouseldirection parameter of testimonials widget in all versions up to, and including, 5.6.2 due to insufficient input...

CVSS 6.4 · EPSS 0.00248
Exploits 0 · References 2

Vulnrichment
added 2024/08/22 2:2 a.m. · 7 views

CVE-2024-5583 The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Testimonials Widget Settings

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the carouseldirection parameter of testimonials widget in all versions up to, and including, 5.6.2 due to insufficient input...

CVSS 6.4 · AI score 5.8 · EPSS 0.00248
Exploits 0 · References 2

OSV
added 2024/08/21 4:23 p.m. · 4 views

DRUPAL-CONTRIB-2024-030

This module integrates the mmenu library with Drupal's menu system with the aim of having an off-canvas mobile menu and a horizontal menu at wider widths. The module doesn't respect custom node access restrictions implemented through hook_ENTITY_TYPE_access hooks, meaning the titles of restricted...

CVSS 5.3 · AI score 6.8 · EPSS 0.00334
Exploits 0 · References 1

Patchstack
added 2024/08/21 12:0 a.m. · 3 views

Drupal Responsive and off-canvas menu module < 4.4.4 - Unauthenticated Broken Access Control vulnerability

Unauthenticated Broken Access Control vulnerability discovered by collinhaines in WordPress Module Responsive and off-canvas menu versions 4.4.4...

AI score 7
Exploits 0 · References 1 · Affected Software 1