CVE-2026-32456

Cross-Site Request Forgery CSRF vulnerability in Janis Elsts Admin Menu Editor admin-menu-editor allows Cross Site Request Forgery.This issue affects Admin Menu Editor: from n/a through = 1.14.1...

EUVD-2026-12011

Cross-Site Request Forgery CSRF vulnerability in Janis Elsts Admin Menu Editor admin-menu-editor allows Cross Site Request Forgery.This issue affects Admin Menu Editor: from n/a through = 1.14.1...

CVE-2026-32456

Cross-Site Request Forgery CSRF vulnerability in Janis Elsts Admin Menu Editor admin-menu-editor allows Cross Site Request Forgery.This issue affects Admin Menu Editor: from n/a through = 1.14.1...

CVE-2026-32456

Cross-Site Request Forgery CSRF vulnerability in Janis Elsts Admin Menu Editor admin-menu-editor allows Cross Site Request Forgery.This issue affects Admin Menu Editor: from n/a through = 1.14.1...

CVE-2026-32456 WordPress Admin Menu Editor plugin <= 1.14.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Janis Elsts Admin Menu Editor admin-menu-editor allows Cross Site Request Forgery.This issue affects Admin Menu Editor: from n/a through = 1.14.1...

CVE-2026-32456 WordPress Admin Menu Editor plugin <= 1.14.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Janis Elsts Admin Menu Editor admin-menu-editor allows Cross Site Request Forgery.This issue affects Admin Menu Editor: from n/a through = 1.14.1...

CVE-2026-32456

The CVE concerns the WordPress plugin Admin Menu Editor (admin-menu-editor) with versions up to and including 1.14.1, reporting a Cross-Site Request Forgery (CSRF) vulnerability. The connected records only state the issue as a CSRF vulnerability affecting Admin Menu Editor and do not provide tech...

PT-2026-25300

Cross-Site Request Forgery CSRF vulnerability in Janis Elsts Admin Menu Editor admin-menu-editor allows Cross Site Request Forgery.This issue affects Admin Menu Editor: from n/a through = 1.14.1...

WordPress plugin Admin Menu Editor 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. Versions of...

WordPress Admin Menu Editor plugin <= 1.14.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by timomangcut in WordPress Plugin Admin Menu Editor versions = 1.14.1...

CVE-2022-0625

The Admin Menu Editor WordPress plugin through 1.0.4 does not sanitize and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

EUVD-2022-15722

Malicious code in bioql PyPI...

EUVD-2024-22239

Malicious code in bioql PyPI...

WordPress Admin Menu Editor plugin cross-site scripting vulnerability

WordPress Admin Menu Editor plugin is a plugin for customizing and managing backend menus, supporting reordering, hiding/showing menu items, modifying permissions and more. WordPress Admin Menu Editor plugin suffers from a cross-site scripting vulnerability that stems from insufficient input...

CVE-2025-9493

The Admin Menu Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘placeholder’ parameter in all versions up to, and including, 1.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level acce...

CVE-2025-9493

The Admin Menu Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘placeholder’ parameter in all versions up to, and including, 1.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level acce...

CVE-2025-9493 Admin Menu Editor <= 1.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via placeholder Parameter

The Admin Menu Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘placeholder’ parameter in all versions up to, and including, 1.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level acce...

CVE-2025-9493 Admin Menu Editor <= 1.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via placeholder Parameter

The Admin Menu Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘placeholder’ parameter in all versions up to, and including, 1.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level acce...

CVE-2025-9493

CVE-2025-9493 describes a Stored Cross-Site Scripting vulnerability in the WordPress plugin Admin Menu Editor. The root cause is insufficient input sanitization and output escaping for the placeholder parameter, enabling an authenticated attacker with Author-level access or higher to inject scrip...

WordPress Admin Menu Editor plugin <= 1.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via placeholder Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via placeholder Parameter vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Admin Menu Editor versions = 1.14...