CVE-2021-24162
CVE-2021-24162 describes a CSRF to settings update in the Reponsive Menu WordPress plugin (free and Pro) prior to version 4.0.4. An attacker could craft a request to trick an administrator into importing new settings, which could be modified to include malicious JavaScript and enable site infecti...