70 matches found
EUVD-2025-3916
Malicious code in bioql PyPI...
EUVD-2023-31194
Malicious code in bioql PyPI...
EUVD-2024-51100
Malicious code in bioql PyPI...
CVE-2025-24724
Cross-Site Request Forgery CSRF vulnerability in Wow-Company Side Menu Lite side-menu-lite allows Cross Site Request Forgery.This issue affects Side Menu Lite: from n/a through = 5.3.1...
CVE-2024-12774
The Altra Side Menu WordPress plugin through 2.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete arbitrary menu via a CSRF attack...
CVE-2024-12773
The Altra Side Menu WordPress plugin through 2.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...
CVE-2021-24348
The menu delete functionality of the Side Menu – add fixed side buttons WordPress plugin before 3.1.5, available to Administrator users takes the did GET parameter and uses it into an SQL statement without proper sanitisation, validation or escaping, therefore leading to a SQL Injection issue...
WordPress Altra Side Menu plugin <= 2.0 - Abitrary Menu Deletion via CSRF vulnerability
Abitrary Menu Deletion via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin Altra Side Menu versions = 2.0...
WordPress Altra Side Menu plugin <= 2.0 - Admin+ SQL Injection vulnerability
Admin+ SQL Injection vulnerability discovered by Régis SENET in WordPress Plugin Altra Side Menu versions = 2.0...
CVE-2024-12774
The Altra Side Menu WordPress plugin through 2.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete arbitrary menu via a CSRF attack...
CVE-2024-12773
The Altra Side Menu WordPress plugin through 2.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...
CVE-2024-12773
The Altra Side Menu WordPress plugin through 2.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...
CVE-2024-12774
The Altra Side Menu WordPress plugin through 2.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete arbitrary menu via a CSRF attack...
CVE-2024-12774 Altra Side Menu <= 2.0 - Abitrary Menu Deletion via CSRF
The Altra Side Menu WordPress plugin through 2.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete arbitrary menu via a CSRF attack...
CVE-2024-12774
CVE-2024-12774 affects the Altra Side Menu WordPress plugin (≤ v2.0). It stems from missing CSRF checks, potentially allowing logged-in admins to delete arbitrary menus via CSRF. No explicit patch or mitigation details are provided in the connected documents; monitor for updates and consider rest...
CVE-2024-12774 Altra Side Menu <= 2.0 - Abitrary Menu Deletion via CSRF
The Altra Side Menu WordPress plugin through 2.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete arbitrary menu via a CSRF attack...
CVE-2024-12773
CVE-2024-12773 affects the WordPress plugin Altra Side Menu (versions up to 2.0). The issue arises when an input parameter is not sanitized/escaped before being used in a SQL statement, enabling admins to perform SQL injection. The CVE notes an in-site impact of high severity (base CVSS 3.1 score...
CVE-2024-12773 Altra Side Menu <= 2.0 - Admin+ SQL Injection
The Altra Side Menu WordPress plugin through 2.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...
CVE-2024-12773 Altra Side Menu <= 2.0 - Admin+ SQL Injection
The Altra Side Menu WordPress plugin through 2.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...
WordPress plugin Altra Side Menu 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...