142 matches found
WordPress Hero Mega Menu - Responsive WordPress Menu Plugin plugin <= 1.16.5 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Directory Deletion vulnerability
WordPress Hero Mega Menu - Responsive WordPress Menu Plugin plugin = 1.16.5 - Missing Authorization to Authenticated Subscriber+ Arbitrary Directory Deletion vulnerability discovered by Lucio Sá in WordPress Plugin Hero Mega Menu - Responsive WordPress Menu Plugin versions = 1.16.5...
CVE-2021-4443
The WordPress Mega Menu plugin for WordPress is vulnerable to Arbitrary File Creation in versions up to, and including, 2.0.6 via the compilersave AJAX action. This makes it possible for unauthenticated attackers to create arbitrary PHP files that can be used to execute malicious code...
CVE-2024-49303
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows SQL Injection. This issue affects Hero Mega Menu - Responsive WordPress Menu Plugin: from n/a through 1.16.5...
CVE-2024-49333
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows SQL Injection. This issue affects Hero Mega Menu - Responsive WordPress Menu Plugin: from n/a through 1.16.5...
CVE-2024-49300
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows Reflected XSS. This issue affects Hero Mega Menu - Responsive WordPress Menu Plugin: from n/a through 1.16.5...
CVE-2024-54282
Deserialization of Untrusted Data vulnerability in Themeum WP Mega Menu wp-megamenu allows Object Injection.This issue affects WP Mega Menu: from n/a through = 1.4.2...
CVE-2024-49333
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows SQL Injection. This issue affects Hero Mega Menu - Responsive WordPress Menu Plugin: from n/a through 1.16.5...
CVE-2024-49300
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows Reflected XSS. This issue affects Hero Mega Menu - Responsive WordPress Menu Plugin: from n/a through 1.16.5...
CVE-2024-49303
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows SQL Injection. This issue affects Hero Mega Menu - Responsive WordPress Menu Plugin: from n/a through 1.16.5...
CVE-2024-49303 WordPress Hero Menu plugin <= 1.16.5 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows SQL Injection. This issue affects Hero Mega Menu - Responsive WordPress Menu Plugin: from n/a through 1.16.5...
CVE-2024-49333 WordPress Hero Menu plugin <= 1.16.5 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows SQL Injection. This issue affects Hero Mega Menu - Responsive WordPress Menu Plugin: from n/a through 1.16.5...
CVE-2024-49333
CVE-2024-49333 is a SQL injection vulnerability in the WordPress plugin Hero Mega Menu - Responsive WordPress Menu Plugin. It affects versions
PT-2025-2825 · WordPress · Hero Mega Menu
Name of the Vulnerable Software and Affected Versions: Hero Mega Menu - Responsive WordPress Menu Plugin versions 1.16.5 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL...
PT-2025-2826 · WordPress · Hero Mega Menu - Responsive Wordpress Menu Plugin
Name of the Vulnerable Software and Affected Versions: Hero Mega Menu - Responsive WordPress Menu Plugin versions n/a through 1.16.5 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL...
WordPress plugin Hero Mega Menu SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress plugin Hero Mega Menu SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress plugin Hero Mega Menu 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-2824 · WordPress · Hero Mega Menu - Responsive Wordpress Menu Plugin
Name of the Vulnerable Software and Affected Versions: Hero Mega Menu - Responsive WordPress Menu Plugin versions 1.16.5 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for reflected cross-site scripting XSS. This means an...
WordPress Hero Menu plugin <= 1.16.5 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin Hero Mega Menu - Responsive WordPress Menu Plugin versions = 1.16.5...
CVE-2024-54282
Deserialization of Untrusted Data vulnerability in Themeum WP Mega Menu wp-megamenu allows Object Injection.This issue affects WP Mega Menu: from n/a through = 1.4.2...