VYPR

Menu Icons

by Themeisle

CVEs (2)

  • CVE-2026-1755MedFeb 3, 2026
    risk 0.35cvss 6.4epss 0.00

    The Menu Icons by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_wp_attachment_image_alt’ post meta in all versions up to, and including, 0.13.20 due to insufficient input sanitization and output escaping. This makes it possible for…

  • CVE-2024-4635MedMay 16, 2024
    risk 0.35cvss 6.4epss 0.00

    The Menu Icons by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘add_mime_type’ function in versions up to, and including, 0.13.13 due to insufficient input sanitization and output escaping. This makes it possible for authenticated…