VYPR
Medium severity4.5NVD Advisory· Published May 2, 2024· Updated Jun 17, 2026

CVE-2024-2405

CVE-2024-2405

Description

The Float menu WordPress plugin before 6.0.1 does not have CSRF check in its bulk actions, which could allow attackers to make logged in admin delete arbitrary menu via a CSRF attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.