CVE-2025-49436 WordPress Anotte theme <= 1.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CocoBasic Anotte anotte-wp allows PHP Local File Inclusion.This issue affects Anotte: from n/a through = 1.8...

CVE-2025-49436 WordPress Custom Menu plugin <= 1.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thiudis Custom Menu allows Stored XSS. This issue affects Custom Menu: from n/a through 1.8...

CVE-2025-49436

CVE-2025-49436 is associated with a WordPress Custom Menu plugin vulnerability reported in connected documents as a stored cross-site scripting (XSS) issue affecting the Custom Menu plugin up to version 1.8. The technical detail from the connected sources indicates that the flaw originates from i...

WordPress plugin Custom Menu 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2025-33955 · Unknown · Thiudis Custom Menu

Name of the Vulnerable Software and Affected Versions: thiudis Custom Menu versions through 1.8 Description: Improper neutralization of input during web page generation allows for stored cross-site scripting XSS. Recommendations: Update thiudis Custom Menu to a version later than 1.8...

WordPress Admin Menu Groups plugin <= 0.1.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nabil Irawan Patchstack Alliance in WordPress Plugin Admin Menu Groups versions = 0.1.2...

RiteCMS 3.0.0 - Reflected Cross Site Scripting (XSS)

Exploit Title: RiteCMS 3.0.0 – Reflected Cross-Site Scripting XSS Google Dork: N/A Date: 2024-08-12 Exploit Author: GURJOT SINGH Vendor Homepage: https://ritecms.com/ Software Link: https://github.com/handylulu/RiteCMS/releases/download/V3.0.0/ritecms.v3.0.0.zip Version: Steps: 1. Log in or...

📄 RiteCMS 3.0.0 Cross Site Scripting

RiteCMS versions 3.0.0 and below suffer from a cross site scripting vulnerability. Exploit Title: RiteCMS 3.0.0 – Reflected Cross-Site Scripting XSS Google Dork: N/A Date: 2024-08-12 Exploit Author: GURJOT SINGH Vendor Homepage: https://ritecms.com/ Software Link:...

WordPress Custom Menu plugin <= 1.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha Patchstack Alliance in WordPress Plugin Custom Menu versions = 1.8...

CVE-2025-8491

The Easy restaurant menu manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.2. This is due to missing or incorrect nonce validation on the nsceprmsavemenu function. This makes it possible for unauthenticated attackers to upload a men...

Malicious code in @sellerly-kit/dropdown-menu (npm)

The package @sellerly-kit/dropdown-menu was found to contain malicious code...

Malicious code in ch-react-menu (npm)

The package ch-react-menu was found to contain malicious code...

Malicious code in mcp-menu (npm)

The package mcp-menu was found to contain malicious code...

Malicious code in multicolumn-menu (npm)

The package multicolumn-menu was found to contain malicious code...

Malicious code in omni-law-menu-section (npm)

The package omni-law-menu-section was found to contain malicious code...

Malicious code in react-menu-toolbar (npm)

The package react-menu-toolbar was found to contain malicious code...

MAL-2025-16754 Malicious code in ch-react-menu (npm)

The package ch-react-menu was found to contain malicious code...

MAL-2025-26053 Malicious code in mcp-menu (npm)

The package mcp-menu was found to contain malicious code...

MAL-2025-31802 Malicious code in react-menu-toolbar (npm)

The package react-menu-toolbar was found to contain malicious code...

MAL-2025-9674 Malicious code in @womhla6s/ui-modules-menu (npm)

The package @womhla6s/ui-modules-menu was found to contain malicious code...