
3943 matches found

Snyk
added 2025/09/15 7:39 a.m., 6 views

Embedded Malicious Code

Overview: @ctrl/ngx-rightclick is a Context Menu Service for Angular. Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API...

CVSS 9.8, AI score 7
Exploits 0, References 2
RedhatCVE
added 2025/09/14 3:25 a.m., 8 views

CVE-2025-9880

The Side Slide Responsive Menu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicio...

CVSS 6.1, AI score 5.3, EPSS 0.00148
Exploits 0, References 1
Cvelist
added 2025/09/12 3:22 a.m., 8 views

CVE-2025-9880 Side Slide Responsive Menu <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Side Slide Responsive Menu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicio...

CVSS 6.1, EPSS 0.00148
Exploits 0, References 4
Vulnrichment
added 2025/09/12 3:22 a.m., 2 views

CVE-2025-9880 Side Slide Responsive Menu <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Side Slide Responsive Menu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicio...

CVSS 6.1, AI score 4.9, EPSS 0.00148
Exploits 0, References 4
CNNVD
added 2025/09/12 12:0 a.m., 1 views

WordPress plugin Side Slide Responsive Menu cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

CVSS 6.1, AI score 6.3, EPSS 0.00148
Exploits 0, References 5
Positive Technologies
added 2025/09/12 12:0 a.m., 4 views

PT-2025-37283

Name of the Vulnerable Software and Affected Versions: Side Slide Responsive Menu plugin for WordPress versions prior to 1.1. Description: The Side Slide Responsive Menu plugin for WordPress is susceptible to Cross-Site Request Forgery (CSRF) due to missing or incorrect nonce validation on a functio...

CVSS 6.1, AI score 5.9, EPSS 0.00148
Exploits 0, References 7
Patchstack
added 2025/09/11 10:42 p.m., 5 views

WordPress Side Slide Responsive Menu plugin <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin Side Slide Responsive Menu versions <= 1.0...

CVSS 6.1, AI score 5.7, EPSS 0.00148
Exploits 0, References 1, Affected Software 1
RedhatCVE
added 2025/09/11 1:23 p.m., 3 views

CVE-2025-9160

A code execution security issue exists in the affected product. An attacker with physical access could abuse the maintenance menu of the controller with a crafted payload. The security issue can result in arbitrary code execution...

CVSS 7, AI score 7.3, EPSS 0.00188
Exploits 0, References 1
NVD
added 2025/09/09 1:15 p.m., 3 views

CVE-2025-9160

A code execution security issue exists in the affected product. An attacker with physical access could abuse the maintenance menu of the controller with a crafted payload. The security issue can result in arbitrary code execution...

CVSS 7, EPSS 0.00188
Exploits 0, References 1
CVE
added 2025/09/09 12:30 p.m., 16 views

CVE-2025-9160

CVE-2025-9160 is a code execution vulnerability affecting Rockwell Automation CompactLogix 5480 controllers. The issue allows an attacker with physical access to abuse the controller’s maintenance menu by sending a crafted payload, potentially resulting in arbitrary code execution. Exploitation d...

CVSS 7, AI score 7.3, EPSS 0.00188
Exploits 0, References 1
Cvelist
added 2025/09/09 12:30 p.m., 7 views

CVE-2025-9160 Rockwell Automation CompactLogix® 5480 Code Execution Vulnerability

A code execution security issue exists in the affected product. An attacker with physical access could abuse the maintenance menu of the controller with a crafted payload. The security issue can result in arbitrary code execution...

CVSS 7, EPSS 0.00188
Exploits 0, References 1
Vulnrichment
added 2025/09/09 12:30 p.m., 3 views

CVE-2025-9160 Rockwell Automation CompactLogix® 5480 Code Execution Vulnerability

A code execution security issue exists in the affected product. An attacker with physical access could abuse the maintenance menu of the controller with a crafted payload. The security issue can result in arbitrary code execution...

CVSS 7, AI score 7.3, EPSS 0.00188
Exploits 0, References 1
CNNVD
added 2025/09/09 12:0 a.m., 2 views

Rockwell Automation CompactLogix 5480 security vulnerability

The Rockwell Automation CompactLogix 5480 is a programmable logic controller from Rockwell Automation USA. A security vulnerability exists in the Rockwell Automation CompactLogix 5480 that stems from abuse of the maintenance menu with physical access and could lead to the execution of arbitrary...

CVSS 7, AI score 6.5, EPSS 0.00188
Exploits 0, References 1
CNVD
added 2025/09/09 12:0 a.m., 3 views

WordPress Admin Menu Editor plugin cross-site scripting vulnerability

WordPress Admin Menu Editor plugin is a plugin for customizing and managing backend menus, supporting reordering, hiding/showing menu items, modifying permissions and more. WordPress Admin Menu Editor plugin suffers from a cross-site scripting vulnerability that stems from insufficient input...

CVSS 6.4, AI score 6, EPSS 0.00223
Exploits 0, References 1
Positive Technologies
added 2025/09/09 12:0 a.m., 2 views

PT-2025-36726

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Affected versions not specified. Description: A code execution security issue exists where an attacker with physical access can abuse the maintenance menu of the controller with a crafted payload,...

CVSS 7, AI score 7, EPSS 0.00188
Exploits 0, References 5
RedhatCVE
added 2025/09/08 4:28 a.m., 13 views

CVE-2025-9493

The Admin Menu Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘placeholder’ parameter in all versions up to, and including, 1.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level acce...

CVSS 6.4, AI score 5.1, EPSS 0.00223
Exploits 0, References 1
Patchstack
added 2025/09/07 3:52 p.m., 5 views

WordPress Toast Mobile Menu plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting (XSS) vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Toast Mobile Menu versions <= 1.0.8...

CVSS 7.1, AI score 6.1, EPSS 0.00203
Exploits 0, Affected Software 1
RedhatCVE
added 2025/09/07 2:32 p.m., 2 views

CVE-2025-58812

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PriceListo Best Restaurant Menu by PriceListo (best-restaurant-menu-by-pricelisto) allows Stored XSS. This issue affects Best Restaurant Menu by PriceListo: from n/a through = 1.4.3...

CVSS 6.5, AI score 5.9, EPSS 0.0019
Exploits 0, References 1
RedhatCVE
added 2025/09/07 2:32 p.m., 2 views

CVE-2025-58798

Cross-Site Request Forgery (CSRF) vulnerability in Bjorn Manintveld BCM Duplicate Menu (bcm-duplicate-menu) allows Cross Site Request Forgery. This issue affects BCM Duplicate Menu: from n/a through = 1.1.3...

CVSS 4.3, AI score 5.9, EPSS 0.00131
Exploits 0, References 1
RedhatCVE
added 2025/09/07 2:32 p.m., 3 views

CVE-2025-58839

Deserialization of Untrusted Data vulnerability in aThemeArt Translations eDS Responsive Menu (eds-responsive-menu) allows Object Injection. This issue affects eDS Responsive Menu: from n/a through = 1.2...

CVSS 7.2, AI score 5.9, EPSS 0.00436
Exploits 0, References 1