cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches foradmin-menu-editor admin-menu-editor

Direction: ascending
Jun 06, 2024

Admin Menu Editor # CVE-2024-24876

CVE, Research URL

CVE-2024-24876

Home page URL

Security reports for Admin Menu Editor

Application

Admin Menu Editor

Date
Feb 21, 2024
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Janis Elsts Admin Menu Editor.This issue affects Admin Menu Editor: from n/a through 1.12.
Affected versions
max 1.12.1.
Status
vulnerable
Sep 07, 2025

Admin Menu Editor # CVE-2025-9493

CVE, Research URL

CVE-2025-9493

Home page URL

Security reports for Admin Menu Editor

Application

Admin Menu Editor

Date
Sep 06, 2025
Research Description
The Admin Menu Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘placeholder’ parameter in all versions up to, and including, 1.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions
max 1.14.1.
Status
vulnerable
Mar 29, 2026

Admin Menu Editor # CVE-2026-32456

CVE, Research URL

CVE-2026-32456

Home page URL

Security reports for Admin Menu Editor

Application

Admin Menu Editor

Date
Mar 14, 2026
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Janis Elsts Admin Menu Editor admin-menu-editor allows Cross Site Request Forgery.This issue affects Admin Menu Editor: from n/a through <= 1.14.1.
Affected versions
max 1.14.1.
Status
vulnerable