2 matches found
CVE-2024-28003
CVE-2024-28003 affects the WordPress plugin Max Mega Menu (Max Mega Menu) up to version 3.3 (inclusive). Root cause: missing authorization check in the sandbox() function enables “broken access control,” allowing unauthorised or limited-privilege actions by authenticated users (e.g., subscriber l...
CVE-2024-28003 WordPress Max Mega Menu plugin <= 3.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Megamenu Max Mega Menu.This issue affects Max Mega Menu: from n/a through 3.3...