3 matches found
CVE-2025-2871
The WordPress Mega Menu – QuadMenu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.0. This is due to missing or incorrect nonce validation on the ajaxdismissnotice function. This makes it possible for unauthenticated attackers to update a...
CVE-2025-2871
creationtimestamp| type| source ---|---|--- 2025-04-12 03:51:39+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11534 2025-04-12 05:42:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmlt6qxmjp2u 2025-04-12 09:10:19+00:00| seen| https://t.me/cvedetector/22792...
WordPress QuadMenu plugin <= 3.2.0 - Cross-Site Request Forgery to Limited User Meta Update vulnerability
Cross-Site Request Forgery to Limited User Meta Update vulnerability discovered by Peter Thaleikis in WordPress Plugin QuadMenu versions = 3.2.0...