Vulnerabilities > Accesspressthemes > AP Mega Menu > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-21 | CVE-2022-0628 | Cross-site Scripting vulnerability in Accesspressthemes AP Mega Menu The Mega Menu WordPress plugin before 3.0.8 does not sanitize and escape the _wpnonce parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. | 4.3 |