Skip to main content

Monster Menus

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2024-13288 PHP MEDIUM PATCH Monitor

Deserialization of Untrusted Data vulnerability in Drupal Monster Menus allows Object Injection.0.0 before 9.3.4, from 9.4.0 before 9.4.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Monster Menus Drupal
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-13281 PHP CRITICAL PATCH This Week

Incorrect Authorization vulnerability in Drupal Monster Menus allows Forceful Browsing.0.0 before 9.3.2. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Monster Menus Drupal
NVD
CVSS 3.1
9.1
EPSS
0.2%
CVE-2024-13288 PHP
EPSS 0% CVSS 4.3
MEDIUM PATCH Monitor

Deserialization of Untrusted Data vulnerability in Drupal Monster Menus allows Object Injection.0.0 before 9.3.4, from 9.4.0 before 9.4.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Monster Menus Drupal
NVD
CVE-2024-13281 PHP
EPSS 0% CVSS 9.1
CRITICAL PATCH This Week

Incorrect Authorization vulnerability in Drupal Monster Menus allows Forceful Browsing.0.0 before 9.3.2. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Monster Menus Drupal
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy