CVE-2023-5509
myStickymenu < 2.6.5 - Subscriber+ Arbitrary Form Leads Deletion
The myStickymenu WordPress plugin before 2.6.5 does not adequately authorize some ajax calls, allowing any logged-in user to perform the actions.
Affected products
Unknown · Floating Notification Bar, Sticky Menu on Scroll, Announcement Banner, and Sticky Header for Any ThemeWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →