Vulnerabilities > Freshlightlab
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-07 | CVE-2024-3987 | Cross-site Scripting vulnerability in Freshlightlab WP Mobile Menu The WP Mobile Menu – The Mobile-Friendly Responsive Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alt text in all versions up to, and including, 2.8.4.2 due to insufficient input sanitization and output escaping. | 5.4 |
| 2023-12-21 | CVE-2023-50826 | Cross-site Scripting vulnerability in Freshlightlab Menu Image, Icons Made Easy Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Freshlight Lab Menu Image, Icons made easy allows Stored XSS.This issue affects Menu Image, Icons made easy: from n/a through 3.10. | 4.8 |
| 2022-03-28 | CVE-2022-0450 | Improper Encoding or Escaping of Output vulnerability in Freshlightlab Menu Image, Icons Made Easy The Menu Image, Icons made easy WordPress plugin before 3.0.6 does not have authorisation and CSRF checks when saving menu settings, and does not validate, sanitise and escape them. | 5.4 |