cleantalk
Vulnerabilities and Security Researches

Float menu – awesome floating side menu, CVE-2024-2405

CVE, Research URL

CVE-2024-2405

Home page URL

Security reports for Float menu – awesome floating side menu

Application

Float menu – awesome floating side menu

Published on
May 02, 2024
Research Description
The Float menu WordPress plugin before 6.0.1 does not have CSRF check in its bulk actions, which could allow attackers to make logged in admin delete arbitrary menu via a CSRF attack.
Affected versions
Min -, max 6.0.1.
Status
vulnerable
Previous vulnerability researches
Float menu – awesome floating side menu (CVE-2024-2405) , Jun 06, 2024
Float menu – awesome floating side menu (CVE-2022-0313) , Jun 06, 2024
Float menu – awesome floating side menu (CVE-2023-3225) , Jun 06, 2024
Float menu – awesome floating side menu (CVE-2023-2362) , Jun 06, 2024
Float menu – awesome floating side menu (CVE-2025-30912) , Apr 03, 2025
New vulnerability
Woo Product Feed For Marketing Channels (CVE-2025-31377) , Apr 10, 2025
Easy custom css by webriti (CVE-2025-31395) , Apr 10, 2025
Checkout Mestres WP (CVE-2025-32695) , Apr 10, 2025
Request Call Back (CVE-2025-32483) , Apr 10, 2025
QR Master (CVE-2025-32116) , Apr 10, 2025