VYPR

Menu Image, Icons made easy

by WordPress

CVEs (2)

  • CVE-2023-50826MedDec 21, 2023
    risk 0.38cvss 5.9epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Freshlight Lab Menu Image, Icons made easy allows Stored XSS.This issue affects Menu Image, Icons made easy: from n/a through 3.10.

  • CVE-2022-0450MedMar 28, 2022
    risk 0.35cvss 5.4epss 0.01

    The Menu Image, Icons made easy WordPress plugin before 3.0.6 does not have authorisation and CSRF checks when saving menu settings, and does not validate, sanitise and escape them. As a result, any authenticate users, such as subscriber can update the settings or arbitrary menu…