Vulnerabilities > Accesspressthemes > AP Mega Menu
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-21 | CVE-2022-0628 | Cross-site Scripting vulnerability in Accesspressthemes AP Mega Menu The Mega Menu WordPress plugin before 3.0.8 does not sanitize and escape the _wpnonce parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. | 4.3 |
| 2022-02-21 | CVE-2021-24867 | Hidden Functionality vulnerability in Accesspressthemes products Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored due to their website being compromised. | 7.5 |