2 matches found
CVE-2024-2508
CVE-2024-2508 affects the WordPress plugin WP Mobile Menu (versions up to 2.8.4.4). The vulnerability arises from a missing capability check in the save_menu_item_icon function, enabling unauthenticated attackers to modify data by adding the post meta key '_mobmenu_icon' with a crafted value on a...
WordPress WP Mobile Menu Plugin <= 2.8.4.4 is vulnerable to Broken Access Control
Software WP Mobile Menu Type Plugin Vulnerable versions = 2.8.4.4 Fixed in 2.8.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-2508 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID a69747222ff0 Credits 1337Wannabe Required privileg...