cleantalk
Vulnerabilities and Security Researches

Float menu – awesome floating side menu, CVE-2023-3225

CVE, Research URL

CVE-2023-3225

Home page URL

Security reports for Float menu – awesome floating side menu

Application

Float menu – awesome floating side menu

Published on
Jul 10, 2023
Research Description
The Float menu WordPress plugin before 5.0.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Affected versions
Min -, max 5.0.3.
Status
vulnerable
Previous vulnerability researches
Float menu – awesome floating side menu (CVE-2024-2405) , Jun 06, 2024
Float menu – awesome floating side menu (CVE-2022-0313) , Jun 06, 2024
Float menu – awesome floating side menu (CVE-2023-3225) , Jun 06, 2024
Float menu – awesome floating side menu (CVE-2023-2362) , Jun 06, 2024
Float menu – awesome floating side menu (CVE-2025-30912) , Apr 03, 2025
New vulnerability
Woo Product Feed For Marketing Channels (CVE-2025-31377) , Apr 10, 2025
Easy custom css by webriti (CVE-2025-31395) , Apr 10, 2025
Checkout Mestres WP (CVE-2025-32695) , Apr 10, 2025
Request Call Back (CVE-2025-32483) , Apr 10, 2025
QR Master (CVE-2025-32116) , Apr 10, 2025