CVE-2023-5509
myStickymenu < 2.6.5 - Subscriber+ Arbitrary Form Leads Deletion
The myStickymenu WordPress plugin before 2.6.5 does not adequately authorize some ajax calls, allowing any logged-in user to perform the actions.
Productos afectados
Unknown · Floating Notification Bar, Sticky Menu on Scroll, Announcement Banner, and Sticky Header for Any Theme¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →