Eds Responsive Menu
by WordPress
Source repositories
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-18513 | Hig | 0.57 | 8.8 | 0.01 | Aug 14, 2019 | The responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface. | ||
| CVE-2022-25602 | Hig | 0.54 | 8.3 | 0.01 | Mar 18, 2022 | Nonce token leak vulnerability leading to arbitrary file upload, theme deletion, plugin settings change discovered in Responsive Menu WordPress plugin (versions <= 4.1.7). | ||
| CVE-2025-58839 | Hig | 0.47 | 7.2 | 0.00 | Sep 5, 2025 | Deserialization of Untrusted Data vulnerability in aThemeArt Translations eDS Responsive Menu eds-responsive-menu allows Object Injection.This issue affects eDS Responsive Menu: from n/a through <= 1.2. | ||
| CVE-2021-24971 | Med | 0.35 | 5.4 | 0.01 | Feb 28, 2022 | The WP Responsive Menu WordPress plugin before 3.1.7.1 does not have capability and CSRF checks in the wpr_live_update AJAX action, as well as do not sanitise and escape some of the data submitted. As a result, any authenticated, such as subscriber could update the plugin's… | ||
| CVE-2025-49971 | Med | 0.28 | 4.3 | 0.00 | Jun 20, 2025 | Missing Authorization vulnerability in aThemeArt Translations eDS Responsive Menu eds-responsive-menu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects eDS Responsive Menu: from n/a through <= 1.2. |
- risk 0.57cvss 8.8epss 0.01
The responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface.
- risk 0.54cvss 8.3epss 0.01
Nonce token leak vulnerability leading to arbitrary file upload, theme deletion, plugin settings change discovered in Responsive Menu WordPress plugin (versions <= 4.1.7).
- risk 0.47cvss 7.2epss 0.00
Deserialization of Untrusted Data vulnerability in aThemeArt Translations eDS Responsive Menu eds-responsive-menu allows Object Injection.This issue affects eDS Responsive Menu: from n/a through <= 1.2.
- risk 0.35cvss 5.4epss 0.01
The WP Responsive Menu WordPress plugin before 3.1.7.1 does not have capability and CSRF checks in the wpr_live_update AJAX action, as well as do not sanitise and escape some of the data submitted. As a result, any authenticated, such as subscriber could update the plugin's…
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in aThemeArt Translations eDS Responsive Menu eds-responsive-menu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects eDS Responsive Menu: from n/a through <= 1.2.