| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-13778 | Hero Mega Menu - Responsive WordPress Menu Plugin <= 1.16.5 - Authenticated (Subscriber+) SQL Injection | heroplugins | Hero Mega Menu - Responsive WordPress Menu Plugin | Medium | 6.5 | 2025-03-05 09:21:47 | Deep Dive |
| CVE-2024-13779 | Hero Mega Menu - Responsive WordPress Menu Plugin <= 1.16.5 - Reflected Cross-Site Scripting | heroplugins | Hero Mega Menu - Responsive WordPress Menu Plugin | Medium | 6.1 | 2025-03-05 09:21:45 | Deep Dive |
| CVE-2024-13780 | Hero Mega Menu - Responsive WordPress Menu Plugin <= 1.16.5 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Directory Deletion | heroplugins | Hero Mega Menu - Responsive WordPress Menu Plugin | Medium | 6.5 | 2025-03-05 09:21:44 | Deep Dive |
| CVE-2024-49303 | WordPress Hero Menu plugin <= 1.16.5 - SQL Injection vulnerability | NotFound | Hero Mega Menu - Responsive WordPress Menu Plugin | High | 8.5 | 2025-01-21 13:40:33 | Deep Dive |
| CVE-2024-49333 | WordPress Hero Menu plugin <= 1.16.5 - SQL Injection vulnerability | NotFound | Hero Mega Menu - Responsive WordPress Menu Plugin | High | 8.5 | 2025-01-21 13:40:33 | Deep Dive |
| CVE-2024-49300 | WordPress Hero Menu plugin <= 1.16.5 - Reflected Cross Site Scripting (XSS) vulnerability | NotFound | Hero Mega Menu - Responsive WordPress Menu Plugin | High | 7.1 | 2025-01-21 13:40:32 | Deep Dive |
| CVE-2024-3238 | WordPress Menu Plugin — Superfly Responsive Menu <= 5.0.29 - Cross-Site Request Forgery to Arbitrary File Deletion | looks_awesome | WordPress Menu Plugin — Superfly Responsive Menu | High | 8.8 | 2024-08-02 06:41:38 | Deep Dive |
| CVE-2022-25602 | WordPress Responsive Menu plugin <= 4.1.7 - Nonce token leak leading to arbitrary file upload, theme deletion, plugin settings change vulnerability | ExpressTech | Responsive Menu (WordPress plugin) | High | 8.3 | 2022-03-18 18:00:27 | Deep Dive |