VYPR

Superfly Menu

by WordPress

CVEs (2)

  • CVE-2024-3238HigAug 2, 2024
    risk 0.57cvss 8.8epss 0.00

    The WordPress Menu Plugin — Superfly Responsive Menu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0.29. This is due to missing or incorrect nonce validation on the ajax_handle_delete_icons() function. This makes it…

  • CVE-2024-32553HigApr 18, 2024
    risk 0.46cvss 7.1epss 0.01

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in looks_awesome Superfly Menu superfly-menu.This issue affects Superfly Menu: from n/a through <= 5.0.25.