CVE-2024-3593
The UberMenu WordPress plugin (all versions up to 3.8.3) is vulnerable to Cross-Site Request Forgery due to missing or incorrect nonce validation in ubermenu_delete_all_item_settings and ubermenu_reset_settings. This allows unauthenticated attackers to delete or reset plugin settings by coercing ...