Back to search
CVE-2023-5509
Published: Nov 20, 2023
Modified: Aug 2, 2024
PUBLISHED
Description
The myStickymenu WordPress plugin before 2.6.5 does not adequately authorize some ajax calls, allowing any logged-in user to perform the actions.
| Vendor | Product | Versions |
|---|---|---|
Unknown | Floating Notification Bar, Sticky Menu on Scroll, Announcement Banner, and Sticky Header for Any Theme | affected 0 - < 2.6.5 |
References
https://wpscan.com/vulnerability/3b33c262-e7f0-4310-b26d-4727d7c25c9d
exploit
vdb-entry
technical-description
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now