EUVD-2024-44307

Malicious code in bioql PyPI...

EUVD-2024-32172

Malicious code in bioql PyPI...

CVE-2024-4710

The UberMenu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ubermenu-col, ubermenumobileclosebutton, ubermenutoggle, ubermenu-search shortcodes in all versions up to, and including, 3.8.2 due to insufficient input sanitization and output escaping on user suppli...

CVE-2024-3593

The UberMenu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.3. This is due to missing or incorrect nonce validation on the ubermenudeleteallitemsettings and ubermenuresetsettings functions. This makes it possible for unauthenticated...

WordPress UberMenu plugin <= 3.8.3 - Cross-Site Request Forgery to Settings Reset vulnerability

Cross-Site Request Forgery to Settings Reset vulnerability discovered by M.Awad in WordPress Plugin Uber Menu versions = 3.8.3...

CVE-2024-3593

The UberMenu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.3. This is due to missing or incorrect nonce validation on the ubermenudeleteallitemsettings and ubermenuresetsettings functions. This makes it possible for unauthenticated...

CVE-2024-3593

The UberMenu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.3. This is due to missing or incorrect nonce validation on the ubermenudeleteallitemsettings and ubermenuresetsettings functions. This makes it possible for unauthenticated...

CVE-2024-3593 UberMenu <= 3.8.3 - Cross-Site Request Forgery to Settings Reset

The UberMenu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.3. This is due to missing or incorrect nonce validation on the ubermenudeleteallitemsettings and ubermenuresetsettings functions. This makes it possible for unauthenticated...

CVE-2024-3593

The UberMenu WordPress plugin (all versions up to 3.8.3) is vulnerable to Cross-Site Request Forgery due to missing or incorrect nonce validation in ubermenu_delete_all_item_settings and ubermenu_reset_settings. This allows unauthenticated attackers to delete or reset plugin settings by coercing ...

CVE-2024-3593 UberMenu <= 3.8.3 - Cross-Site Request Forgery to Settings Reset

The UberMenu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.3. This is due to missing or incorrect nonce validation on the ubermenudeleteallitemsettings and ubermenuresetsettings functions. This makes it possible for unauthenticated...

WordPress plugin UberMenu security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2024-26786 · WordPress · Ubermenu

Name of the Vulnerable Software and Affected Versions: UberMenu plugin for WordPress versions up to, and including, 3.8.3 Description: The issue is due to missing or incorrect nonce validation on the ubermenu delete all item settings and ubermenu reset settings functions. This allows...

CVE-2024-4710 Uber Menu <= 3.8.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Shortcodes

The UberMenu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ubermenu-col, ubermenumobileclosebutton, ubermenutoggle, ubermenu-search shortcodes in all versions up to, and including, 3.8.2 due to insufficient input sanitization and output escaping on user suppli...

CVE-2024-4710

CVE-2024-4710 – UberMenu (WordPress) is a stored cross‑site scripting vulnerability in UberMenu shortcodes (ubermenu-col, ubermenu_mobile_close_button, ubermenu_toggle, ubermenu-search) affecting all versions up to 3.8.2. The issue arises from insufficient input sanitization and output escaping o...

PT-2024-32408 · WordPress · Ubermenu

Name of the Vulnerable Software and Affected Versions: UberMenu plugin for WordPress versions up to, and including, 3.8.2 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping on user-supplied attributes in the plugin's...

Uber Menu < 3.8.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Shortcodes

Description The UberMenu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ubermenu-col, ubermenumobileclosebutton, ubermenutoggle, ubermenu-search shortcodes in all versions up to, and including, 3.8.2 due to insufficient input sanitization and output escaping on...

Malicious code in ubermenu (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eb6c884144ed475f1632aef6c970f42e0c168ca0eba55fdc931a6d7e5da6d69b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-8261 Malicious code in ubermenu (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eb6c884144ed475f1632aef6c970f42e0c168ca0eba55fdc931a6d7e5da6d69b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...