← Back

Accordion Image Menu

accordion_image_menu

Vendor: Alaingonzalez • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-8092
1Alaingonzalez
1Accordion Image Menu
Jun 17, 2026
Sep 17, 2024
N/A· v4
5.4 MEDIUM· v3
N/A· v2
The Accordion Image Menu WordPress plugin through 3.1.3 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payload...Show more
The Accordion Image Menu WordPress plugin through 3.1.3 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack.Show less