Vulnerabilities > Freshlightlab

DATE CVE VULNERABILITY TITLE RISK
2023-12-21 CVE-2023-50826 Cross-site Scripting vulnerability in Freshlightlab Menu Image, Icons Made Easy
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Freshlight Lab Menu Image, Icons made easy allows Stored XSS.This issue affects Menu Image, Icons made easy: from n/a through 3.10.
network
low complexity
freshlightlab CWE-79
4.8
2022-03-28 CVE-2022-0450 Improper Encoding or Escaping of Output vulnerability in Freshlightlab Menu Image, Icons Made Easy
The Menu Image, Icons made easy WordPress plugin before 3.0.6 does not have authorisation and CSRF checks when saving menu settings, and does not validate, sanitise and escape them.
network
low complexity
freshlightlab CWE-116
5.4