CVE-2023-23791

Cross-Site Request Forgery CSRF vulnerability in HasThemes HT Menu plugin = 1.2.1 versions...

CVE-2023-23791

Cross-Site Request Forgery CSRF vulnerability in HasThemes HT Menu plugin = 1.2.1 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in HasThemes HT Menu plugin = 1.2.1 versions...

CVE-2023-23791 WordPress HT Menu Plugin <= 1.2.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in HasThemes HT Menu plugin = 1.2.1 versions...

CVE-2023-23791 WordPress HT Menu Plugin <= 1.2.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in HasThemes HT Menu plugin = 1.2.1 versions...

CVE-2023-23791

CVE-2023-23791 affects HasThemes HT Menu plugin for WordPress,

WordPress Plugin HT Menu – WordPress Mega Menu Builder for Elementor 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin HT Menu - WordPress Mega...

PT-2023-19206 · Hasthemes · Ht Menu

Name of the Vulnerable Software and Affected Versions: HasThemes HT Menu plugin versions 1.2.1 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a we...

CVE-2023-3225

The Float menu WordPress plugin before 5.0.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-3225

CVE-2023-3225 refers to a vulnerability in the Float Menu WordPress plugin, where versions prior to 5.0.3 fail to sanitize and escape certain settings. This enables stored Reflected/Stored Cross-Site Scripting by high-privilege users (e.g., administrators), even when unfiltered_html is disallowed...

CVE-2023-3225 Float menu < 5.0.3 - Admin+ Stored Cross-Site Scripting

The Float menu WordPress plugin before 5.0.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-3225 Float menu < 5.0.3 - Admin+ Stored Cross-Site Scripting

The Float menu WordPress plugin before 5.0.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress plugin Float menu 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

Milesight UR32L libzebra.so bridge_group OS command injection vulnerability

Talos Vulnerability Report TALOS-2023-1698 Milesight UR32L libzebra.so bridgegroup OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22306 SUMMARY An OS command injection vulnerability exists in the libzebra.so bridgegroup functionality of Milesight UR32L v32.3.0.5. A specially...

CVE-2020-36746

The Menu Swapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.0.2. This is due to missing or incorrect nonce validation on the mswpsavemeta function. This makes it possible for unauthenticated attackers to save meta data via a forged reque...

CVE-2020-36746

The Menu Swapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.0.2. This is due to missing or incorrect nonce validation on the mswpsavemeta function. This makes it possible for unauthenticated attackers to save meta data via a forged reque...

Cross site request forgery (csrf)

The Menu Swapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.0.2. This is due to missing or incorrect nonce validation on the mswpsavemeta function. This makes it possible for unauthenticated attackers to save meta data via a forged reque...

CVE-2020-36746 Menu Swapper <= 1.1.0.2 - Cross-Site Request Forgery Bypass

The Menu Swapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.0.2. This is due to missing or incorrect nonce validation on the mswpsavemeta function. This makes it possible for unauthenticated attackers to save meta data via a forged reque...

CVE-2020-36746 Menu Swapper <= 1.1.0.2 - Cross-Site Request Forgery Bypass

The Menu Swapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.0.2. This is due to missing or incorrect nonce validation on the mswpsavemeta function. This makes it possible for unauthenticated attackers to save meta data via a forged reque...

CVE-2020-36746

The CVE-2020-36746 entry concerns the Menu Swapper WordPress plugin. A CSRF flaw exists in versions up to 1.1.0.2 due to missing or incorrect nonce validation in the mswp_save_meta() function, enabling unauthenticated attackers to save metadata by crafting requests and tricking an administrator. ...