3943 matches found

RedhatCVE
added 2025/09/06 6:33 p.m. | 15 views

CVE-2025-48533

In multiple locations, there is a possible way to use apps linked from a context menu of a lockscreen app due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7 CVSS | 6.8 AI score | 0.00083 EPSS
Exploits 0 | References 1

NVD
added 2025/09/06 4:16 a.m. | 2 views

CVE-2025-9493

The Admin Menu Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘placeholder’ parameter in all versions up to, and including, 1.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level acce...

6.4 CVSS | 0.00223 EPSS
Exploits 0 | References 4

Cvelist
added 2025/09/06 3:22 a.m. | 9 views

CVE-2025-9493 Admin Menu Editor <= 1.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via placeholder Parameter

The Admin Menu Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘placeholder’ parameter in all versions up to, and including, 1.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level acce...

6.4 CVSS | 0.00223 EPSS
Exploits 0 | References 4

CVE
added 2025/09/06 3:22 a.m. | 22 views

CVE-2025-9493

CVE-2025-9493 describes a Stored Cross-Site Scripting vulnerability in the WordPress plugin Admin Menu Editor. The root cause is insufficient input sanitization and output escaping for the placeholder parameter, enabling an authenticated attacker with Author-level access or higher to inject scrip...

6.4 CVSS | 4.7 AI score | 0.00223 EPSS
Exploits 0 | References 4

Vulnrichment
added 2025/09/06 3:22 a.m. | 3 views

CVE-2025-9493 Admin Menu Editor <= 1.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via placeholder Parameter

The Admin Menu Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘placeholder’ parameter in all versions up to, and including, 1.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level acce...

6.4 CVSS | 4.7 AI score | 0.00223 EPSS
Exploits 0 | References 4

Patchstack
added 2025/09/06 12:12 a.m. | 7 views

WordPress Admin Menu Editor plugin <= 1.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via placeholder Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via placeholder Parameter vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Admin Menu Editor versions <= 1.14...

6.4 CVSS | 5.6 AI score | 0.00223 EPSS
Exploits 0 | References 1 | Affected Software 1

CNNVD
added 2025/09/06 12:0 a.m. | 1 views

WordPress plugin Admin Menu Editor cross-site scripting vulnerability

WordPress Admin Menu Editor plugin is a plugin for customizing and managing backend menus, supporting reordering, hiding/showing menu items, modifying permissions and more. WordPress Admin Menu Editor plugin suffers from a cross-site scripting vulnerability that stems from insufficient input...

6.4 CVSS | 6 AI score | 0.00223 EPSS
Exploits 0 | References 5

NVD
added 2025/09/05 2:15 p.m. | 2 views

CVE-2025-58839

Deserialization of Untrusted Data vulnerability in aThemeArt Translations eDS Responsive Menu eds-responsive-menu allows Object Injection. This issue affects eDS Responsive Menu: from n/a through <= 1.2...

7.2 CVSS | 0.00436 EPSS
Exploits 0 | References 1

NVD
added 2025/09/05 2:15 p.m. | 3 views

CVE-2025-58812

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PriceListo Best Restaurant Menu by PriceListo best-restaurant-menu-by-pricelisto allows Stored XSS. This issue affects Best Restaurant Menu by PriceListo: from n/a through <= 1.4.3...

6.5 CVSS | 0.0019 EPSS
Exploits 0 | References 1

NVD
added 2025/09/05 2:15 p.m. | 2 views

CVE-2025-58798

Cross-Site Request Forgery CSRF vulnerability in Bjorn Manintveld BCM Duplicate Menu bcm-duplicate-menu allows Cross Site Request Forgery. This issue affects BCM Duplicate Menu: from n/a through <= 1.1.3...

4.3 CVSS | 0.00131 EPSS
Exploits 0 | References 1

CVE
added 2025/09/05 1:45 p.m. | 11 views

CVE-2025-58839

CVE-2025-58839 describes a deserialization of untrusted data vulnerability in the WordPress plugin “eDS Responsive Menu” (versions up to and including 1.2). The underlying issue is PHP Object Injection triggered by deserializing untrusted data, enabling an attacker to manipulate objects during ru...

7.2 CVSS | 5.9 AI score | 0.00436 EPSS
Exploits 0 | References 1

Cvelist
added 2025/09/05 1:45 p.m. | 9 views

CVE-2025-58839 WordPress eDS Responsive Menu Plugin <= 1.2 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in aThemeArt Translations eDS Responsive Menu eds-responsive-menu allows Object Injection. This issue affects eDS Responsive Menu: from n/a through <= 1.2...

7.2 CVSS | 0.00436 EPSS
Exploits 0 | References 1

Vulnrichment
added 2025/09/05 1:45 p.m. | 2 views

CVE-2025-58839 WordPress eDS Responsive Menu Plugin <= 1.2 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in aThemeArt Translations eDS Responsive Menu eds-responsive-menu allows Object Injection. This issue affects eDS Responsive Menu: from n/a through <= 1.2...

7.2 CVSS | 5.9 AI score | 0.00436 EPSS
Exploits 0 | References 1

CVE
added 2025/09/05 1:45 p.m. | 8 views

CVE-2025-58812

CVE-2025-58812 affects the WordPress plugin Best Restaurant Menu by PriceListo (versions up to and including 1.4.3). The issue is a Stored Cross-Site Scripting (XSS) vulnerability introduced by improper input neutralization during web page generation. Exploitation could allow attacker-controlled ...

6.5 CVSS | 5.9 AI score | 0.0019 EPSS
Exploits 0 | References 1

Cvelist
added 2025/09/05 1:45 p.m. | 9 views

CVE-2025-58812 WordPress Best Restaurant Menu by PriceListo Plugin <= 1.4.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PriceListo Best Restaurant Menu by PriceListo best-restaurant-menu-by-pricelisto allows Stored XSS. This issue affects Best Restaurant Menu by PriceListo: from n/a through <= 1.4.3...

6.5 CVSS | 0.0019 EPSS
Exploits 0 | References 1

Cvelist
added 2025/09/05 1:45 p.m. | 9 views

CVE-2025-58798 WordPress BCM Duplicate Menu plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Bjorn Manintveld BCM Duplicate Menu bcm-duplicate-menu allows Cross Site Request Forgery. This issue affects BCM Duplicate Menu: from n/a through <= 1.1.3...

4.3 CVSS | 0.00131 EPSS
Exploits 0 | References 1

Vulnrichment
added 2025/09/05 1:45 p.m. | 1 views

CVE-2025-58798 WordPress BCM Duplicate Menu plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Bjorn Manintveld BCM Duplicate Menu bcm-duplicate-menu allows Cross Site Request Forgery. This issue affects BCM Duplicate Menu: from n/a through <= 1.1.3...

4.3 CVSS | 5.9 AI score | 0.00131 EPSS
Exploits 0 | References 1

CVE
added 2025/09/05 1:45 p.m. | 8 views

CVE-2025-58798

CVE-2025-58798 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin BCM Duplicate Menu by Bjorn Manintveld. Public details indicate the flaw affects BCM Duplicate Menu versions up to 1.1.2, enabling CSRF for authenticated users. The issue is corroborated across mult...

4.3 CVSS | 5.9 AI score | 0.00131 EPSS
Exploits 0 | References 1

Patchstack
added 2025/09/05 1:33 p.m. | 3 views

WordPress eDS Responsive Menu Plugin <= 1.2 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Drew / mcdruid in WordPress Plugin eDS Responsive Menu versions <= 1.2...

7.2 CVSS | 7 AI score | 0.00436 EPSS
Exploits 0 | Affected Software 1

Patchstack
added 2025/09/05 1:25 p.m. | 3 views

WordPress Best Restaurant Menu by PriceListo Plugin <= 1.4.3 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Prissy in WordPress Plugin Best Restaurant Menu by PriceListo versions <= 1.4.3...

6.5 CVSS | 6 AI score | 0.0019 EPSS
Exploits 0 | Affected Software 1