WordPress Custom Admin Menu plugin <= 1.0.0 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Yousof Nahya in WordPress Plugin Custom Admin Menu versions = 1.0.0...

CVE-2025-13071

The Custom Admin Menu WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2025-13071

The Custom Admin Menu WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2025-13071 Custom Admin Menu <= 1.0.0 - Reflected XSS

The Custom Admin Menu WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2025-13071

CVE-2025-13071 affects the WordPress plugin “Custom Admin Menu” up to version 1.0.0. The issue is a reflected Cross-Site Scripting (XSS) where a parameter is echoed back without proper sanitisation/escaping, enabling an attacker to inject scripts that could run in the context of an admin user’s s...

CVE-2025-13071 Custom Admin Menu <= 1.0.0 - Reflected XSS

The Custom Admin Menu WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

WordPress plugin Custom Admin Menu 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2025-49803

Name of the Vulnerable Software and Affected Versions Custom Admin Menu WordPress plugin versions through 1.0.0 Description The plugin does not properly sanitise and escape a parameter before displaying it on a page, which can lead to a Reflected Cross-Site Scripting issue. This could potentially...

EUVD-2024-45451

Malicious code in bioql PyPI...

CVE-2024-51618

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DuoGeek Custom Admin Menu custom-admin-menu allows Stored XSS.This issue affects Custom Admin Menu: from n/a through = 1.0.0...

CVE-2024-51618

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DuoGeek Custom Admin Menu custom-admin-menu allows Stored XSS.This issue affects Custom Admin Menu: from n/a through = 1.0.0...

CVE-2024-51618 WordPress Custom Admin Menu plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DuoGeek Custom Admin Menu custom-admin-menu allows Stored XSS.This issue affects Custom Admin Menu: from n/a through = 1.0.0...

WordPress plugin Custom Admin Menu 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2024-34761 · Duogeek · Duogeek Custom Admin Menu

Name of the Vulnerable Software and Affected Versions: DuoGeek Custom Admin Menu versions n/a through 1.0.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS in DuoGeek Custom Admin...

WordPress Custom Admin Menu plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Custom Admin Menu versions = 1.0.0...

WordPress Custom Admin Menu Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Custom Admin Menu Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51618 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID bbf3ecaf90b5 Credits SOPROBRO Required privilege Contributo...