[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$ffz9itwKQP4m361AizSjWpJyDYO343wGlGKCLvS8ahho":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":62,"crawl_stats":37,"alternatives":70,"analysis":167,"fingerprints":773},"wp-megamenu","WP Mega Menu","1.4.2","Themeum","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeum\u002F","\u003Cp>If you have been dreaming of building a stunning mega menu on your WordPress site, our WP Mega Menu plugin is the ultimate solution. You can use Mega Menu for free to create rich and stunning navigation menus for your website. Make menu themes, and customize the styles using drag-and-drop tools. Beautify the menu items with custom colors, fonts, and attributes. Use Mega Menu to build a navigation menu beyond imagination.\u003C\u002Fp>\n\u003Ch4>Plugin Demo\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fdemo.themeum.com\u002Fwordpress\u002Fwp-megamenu\u002F\" rel=\"nofollow ugc\">See Plugin Demo\u003C\u002Fa>\u003Cbr \u002F>\n  \u003Ca href=\"https:\u002F\u002Fdocs.themeum.com\u002Fwp-megamenu\u002F\" rel=\"nofollow ugc\">Plugin Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>Here are the most notable features of WP Mega Menu plugin. If you need any further information, please feel free to contact us. Below are the best offerings of WP Mega Menu.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Drag and drop menu builder panel.\u003C\u002Fli>\n\u003Cli>Widgets in menu.\u003C\u002Fli>\n\u003Cli>Multiple themes\u002Fskins option.\u003C\u002Fli>\n\u003Cli>Export\u002Fimport themes\u003C\u002Fli>\n\u003Cli>Branding in logo\u003C\u002Fli>\n\u003Cli>Social icons\u003C\u002Fli>\n\u003Cli>Search bar in menu\u003C\u002Fli>\n\u003Cli>Menu labelling\u002Fbadge, ex: hot, new, etc.\u003C\u002Fli>\n\u003Cli>Dashicons and Font Awesome icon support\u003C\u002Fli>\n\u003Cli>Stretch menu\u003C\u002Fli>\n\u003Cli>Responsive support\u003C\u002Fli>\n\u003Cli>Mobile menu support\u003C\u002Fli>\n\u003Cli>Menu background image\u003C\u002Fli>\n\u003Cli>Unlimited colors\u003C\u002Fli>\n\u003Cli>Google Fonts\u003C\u002Fli>\n\u003Cli>Unlimited options\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please let us know your feedback, if you think something can be more awesome in this plugin, we will love to add.\u003C\u002Fp>\n\u003Ch4>Author\u003C\u002Fh4>\n\u003Cp>Developed by \u003Ca href=\"https:\u002F\u002Fwww.themeum.com\" rel=\"nofollow ugc\">Themeum\u003C\u002Fa>\u003C\u002Fp>\n","WordPress Mega Menu is a responsive, highly customizable drag and drop menu builder plugin. Download free WordPress megamenu plugin.",9000,576301,88,219,"2021-11-03T10:42:00.000Z","5.8.13","4.0","",[20,21,22,23,4],"mega-menu","megamenu","navigation","responsive-menu","https:\u002F\u002Fwww.themeum.com\u002Fproduct\u002Fwp-megamenu\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-megamenu.1.4.2.zip",61,2,1,"2024-12-11 00:00:00","2026-03-15T15:16:48.613Z",[32,46],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":37,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":37},"CVE-2024-54282","wp-mega-menu-authenticated-administrator-php-object-injection","WP Mega Menu \u003C= 1.4.2 - Authenticated (Administrator+) PHP Object Injection","The WP Mega Menu plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.4.2 via deserialization of untrusted input. This makes it possible for authenticated attackers, with administrator-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.",null,"\u003C=1.4.2","high",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Deserialization of Untrusted Data","2024-12-19 16:36:12",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F6d0d4d06-95f7-4ecd-84a7-2d3996b16b1c?source=api-prod",{"id":47,"url_slug":48,"title":49,"description":50,"plugin_slug":4,"theme_slug":37,"affected_versions":51,"patched_in_version":52,"severity":53,"cvss_score":54,"cvss_vector":55,"vuln_type":56,"published_date":57,"updated_date":58,"references":59,"days_to_patch":61},"WF-184ee992-1479-4528-9ff7-036affaecdbb-wp-megamenu","wp-mega-menu-unauthenticated-settings-update-to-stored-cross-site-scripting","WP Mega Menu \u003C= 1.3.6 - Unauthenticated Settings Update to Stored Cross-Site Scripting","The WP Mega Menu plugin for WordPress is vulnerable to unauthenticated settings updates that can lead to stored cross-site scripting in versions up to, and including 1.3.6 due to a missing capability check and insufficient validation. This makes it possible for unauthenticated attackers to update the plugins settings and inject malicious web scripts.","\u003C=1.3.6","1.3.7","medium",6.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2020-04-20 00:00:00","2024-01-22 19:56:02",[60],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F184ee992-1479-4528-9ff7-036affaecdbb?source=api-prod",1373,{"slug":63,"display_name":7,"profile_url":8,"plugin_count":64,"total_installs":65,"avg_security_score":66,"avg_patch_time_days":67,"trust_score":68,"computed_at":69},"themeum",14,675340,87,269,70,"2026-04-03T21:31:16.263Z",[71,93,113,132,151],{"slug":21,"name":72,"version":73,"author":21,"author_profile":74,"description":75,"short_description":76,"active_installs":77,"downloaded":78,"rating":79,"num_ratings":80,"last_updated":81,"tested_up_to":82,"requires_at_least":83,"requires_php":84,"tags":85,"homepage":88,"download_link":89,"security_score":90,"vuln_count":27,"unpatched_count":91,"last_vuln_date":92,"fetched_at":30},"Max Mega Menu","3.7","https:\u002F\u002Fprofiles.wordpress.org\u002Fmegamenu\u002F","\u003Cp>Max Mega Menu will automatically convert your existing menu into a mega menu. You can then add any WordPress widget to your menu, restyle your menu using the theme editor and change the menu behaviour using the built in settings. Max Mega Menu is a complete menu management plugin, perfect for taking control of your existing menu and turning it into a user-friendly, accessible and touch ready menu with just a few clicks.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F44dJwP1AXT8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>Documentation & Demo: \u003Ca href=\"https:\u002F\u002Fwww.megamenu.com\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.megamenu.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Mobile\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Automatic support for native touch events\u003C\u002Fli>\n\u003Cli>Off Canvas Mobile Menu option built in\u003C\u002Fli>\n\u003Cli>Specify your own Responsive Breakpoint\u003C\u002Fli>\n\u003Cli>For items with sub menus, choose between “First click opens sub menu, second click closes sub menu” or “First click opens sub menu, second click follows link”\u003C\u002Fli>\n\u003Cli>Option to hide sub menus on mobile\u003C\u002Fli>\n\u003Cli>Mobile Toggle Bar designer allows you to tailor the toggle bar elements to fit in with your site design\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Builds upon the standard WordPress menus system\u003C\u002Fli>\n\u003Cli>Restores the \u003Cem>Appearance > Menus\u003C\u002Fem> screen in “full site editing” themes\u003C\u002Fli>\n\u003Cli>Supports multiple menu locations each with their own configuration\u003C\u002Fli>\n\u003Cli>Off canvas (slide in from left or right) or standard drop down mobile menu\u003C\u002Fli>\n\u003Cli>Organise your sub menu content into rows and columns using the Grid Layout builder\u003C\u002Fli>\n\u003Cli>Display WordPress Widgets in your menu\u003C\u002Fli>\n\u003Cli>Fully customise the styling of your menus using the built in theme editor\u003C\u002Fli>\n\u003Cli>Supports Flyout (traditional) or Mega Menu sub menu styles\u003C\u002Fli>\n\u003Cli>Hover, Hover Intent or Click event to open sub menus\u003C\u002Fli>\n\u003Cli>Fade, Fade Up, Slide Up or Slide sub menu transitions\u003C\u002Fli>\n\u003Cli>Add icons to menu items\u003C\u002Fli>\n\u003Cli>Menu item options including Hide Text, Disable Link, Hide on Mobile etc\u003C\u002Fli>\n\u003Cli>Align menu items to the left or right of the menu bar\u003C\u002Fli>\n\u003Cli>Align sub menus to left or right of parent menu item\u003C\u002Fli>\n\u003Cli>Display your menu using Automatic Integration, Block, Widget or Shortcode.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Accessibility\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Keyboard Navigation built in\u003C\u002Fli>\n\u003Cli>\u003Ccode>TAB\u003C\u002Fcode> activates keyboard navigation and navigates through the menu\u003C\u002Fli>\n\u003Cli>\u003Ccode>ENTER\u003C\u002Fcode> or \u003Ccode>SPACE\u003C\u002Fcode> on a sub menu arrow indicator shows\u002Fhides the sub menu\u003C\u002Fli>\n\u003Cli>\u003Ccode>ESC\u003C\u002Fcode> closes all open sub menus\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Max Mega Menu is developed with a focus on code quality, performance and usability.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The only mega menu plugin with zero “!important”, block or inline CSS styles\u003C\u002Fli>\n\u003Cli>Menus are styled using a single, static CSS file\u003C\u002Fli>\n\u003Cli>Less than 2kb JavaScript (when gzipped)\u003C\u002Fli>\n\u003Cli>Responsive, touch & retina ready\u003C\u002Fli>\n\u003Cli>Built with accessibility in mind – keyboard navigation supported\u003C\u002Fli>\n\u003Cli>Extensively tested in all modern desktop and mobile browsers\u003C\u002Fli>\n\u003Cli>Clean code with a low memory footprint\u003C\u002Fli>\n\u003Cli>Supports all core nav_menu filters (prepend filter name with “mega_”)\u003C\u002Fli>\n\u003Cli>In depth documentation\u003C\u002Fli>\n\u003Cli>Basic Support included with free version\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Pro Features:\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cul>\n\u003Cli>Tabbed Mega Menus\u003C\u002Fli>\n\u003Cli>Sticky Menu\u003C\u002Fli>\n\u003Cli>Vertical & Accordion Menus\u003C\u002Fli>\n\u003Cli>FontAwesome, Genericon & Custom Icons\u003C\u002Fli>\n\u003Cli>Custom Item Styling\u003C\u002Fli>\n\u003Cli>Menu Logo\u003C\u002Fli>\n\u003Cli>Search Box\u003C\u002Fli>\n\u003Cli>WooCommerce & EDD support\u003C\u002Fli>\n\u003Cli>Google Fonts\u003C\u002Fli>\n\u003Cli>Roles & Restrictions\u003C\u002Fli>\n\u003Cli>Mobile toggle blocks\u003C\u002Fli>\n\u003Cli>Automatic updates\u003C\u002Fli>\n\u003Cli>Priority Support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Find out more: \u003Ca href=\"https:\u002F\u002Fwww.megamenu.com\u002Fupgrade\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.megamenu.com\u002Fupgrade\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","An easy to use mega menu plugin. Written the WordPress way.",300000,11383037,96,858,"2025-12-15T10:28:00.000Z","6.9.4","5.0","5.6",[20,86,87,22,23],"menu","mobile-menu","https:\u002F\u002Fwww.megamenu.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmegamenu.3.7.zip",99,0,"2024-03-26 00:00:00",{"slug":94,"name":95,"version":96,"author":97,"author_profile":98,"description":99,"short_description":100,"active_installs":101,"downloaded":102,"rating":103,"num_ratings":104,"last_updated":105,"tested_up_to":106,"requires_at_least":107,"requires_php":84,"tags":108,"homepage":109,"download_link":110,"security_score":111,"vuln_count":27,"unpatched_count":91,"last_vuln_date":112,"fetched_at":30},"quadmenu","QuadMenu – Mega Menu","3.3.2","quadlayers","https:\u002F\u002Fprofiles.wordpress.org\u002Fquadlayers\u002F","\u003Cp>Responsive mega menu plugin for WordPress with customizable layouts and an intuitive drag-and-drop builder.\u003C\u002Fp>\n\u003Ch3>Presentation\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fquadmenu.com\u002F\" rel=\"nofollow ugc\">Premium\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fquadmenu.com\u002Fdemo-corporate\u002F\" rel=\"nofollow ugc\">Demo\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fquadmenu.com\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fquadmenu.com\u002Fdocumentation\u002Fdevelopers\u002F\" rel=\"nofollow ugc\">Developers\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002Fquadlayers\u002F\" rel=\"nofollow ugc\">Community\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>QuadMenu is a WordPress Mega Menu that will allows you easily integrate the menu in your theme’s project. This plugin allows you to create mega menus, tabs menus and carrousel menus in a simple and native way converting your existing menu into a powerful tool.\u003C\u002Fp>\n\u003Ch3>Highlights\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Simple & Automatic integration from simple menu to megamenu.\u003C\u002Fli>\n\u003Cli>Intuitive menu, easy to set megamenu options.\u003C\u002Fli>\n\u003Cli>Fully responsive menu.\u003C\u002Fli>\n\u003Cli>Customizable mega menu, gives the possibility to add or remove fields, and modify option with simple drag & drop.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Mobile\u003C\u002Fh3>\n\u003Cp>This WordPress Mega Menu is a responsive menu, which means that the layout will fit all screen sizes. Nevertheless, the difference with other alternatives is that the touch screen events have been incorporated natively, substantially improving the user experience in touch screens.\u003C\u002Fp>\n\u003Ch3>Layouts\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fquadmenu.com\u002Flayouts\u002Fcollapse\u002F\" rel=\"nofollow ugc\">Collpase\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fquadmenu.com\u002Flayouts\u002Foffcanvas\u002F\" rel=\"nofollow ugc\">Offcanvas\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fquadmenu.com\u002Flayouts\u002Fvertical\u002F\" rel=\"nofollow ugc\">Vertical\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fquadmenu.com\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">Sidebar\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>We also must mention the variety of available layouts that highlights this wordpress mega menu over other alternatives. This is the first mega menu that’s all in one solution, as you’ll be able to create an horizontal or vertical menu in desktop devices and collapsible or offcanvas menu in mobile.\u003C\u002Fp>\n\u003Ch3>Drag & drop\u003C\u002Fh3>\n\u003Cp>The drag and drop admin panel is another key feature that stand out this megamenu. From the native menu administration panel you can manage all the content of your megamenu trough a drag and drop interface that allows you to add new elements, create columns and add widgets or any other type of element available in the native WordPress menu metaboxes.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FRbwikMJsFUE?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Customize\u003C\u002Fh3>\n\u003Cp>Finally, we must stand out the integration with the customizer dashboard. This is a feature that’s only available in the premium megamenu version and is an important feature if you will include this plugin in your themes project, as this allows you and your end users to tweak all menu color scheme or layout settings and see the effect of that changes in real time.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FLwywYyS3D2M?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Developers\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fquadmenu.com\u002F#developers\" rel=\"nofollow ugc\">Developers\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fquadmenu.com\u002Fdocumentation\u002Fdevelopers\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>QuadMenu has been designed by developers for developers. For them, we have included a vast number of filters that let you change the style and behavior of your WordPress Menu, simplifying the integration with your products.\u003C\u002Fp>\n\u003Ch3>Features:\u003C\u002Fh3>\n\u003Cblockquote>\n\u003Cul>\n\u003Cli>Automatic and manual menu integration\u003C\u002Fli>\n\u003Cli>Build extending the standard WordPress Menu system\u003C\u002Fli>\n\u003Cli>Supports multiple menu locations\u003C\u002Fli>\n\u003Cli>Drag and Drop admin builder\u003C\u002Fli>\n\u003Cli>Display WordPress Widgets in your menu\u003C\u002Fli>\n\u003Cli>Support for child themes\u003C\u002Fli>\n\u003Cli>Unlimited Menu Themes\u003C\u002Fli>\n\u003Cli>Vertical Mega Menu\u003C\u002Fli>\n\u003Cli>Horizontal Mega Menu\u003C\u002Fli>\n\u003Cli>Offcanvas Mega Menu\u003C\u002Fli>\n\u003Cli>Sticky Menu\u003C\u002Fli>\n\u003Cli>Click or use the hoverIntent plugin to open links\u003C\u002Fli>\n\u003Cli>Align links options\u003C\u002Fli>\n\u003Cli>Float dropdown menus options\u003C\u002Fli>\n\u003Cli>Customizable breakpoint for menu collapse\u003C\u002Fli>\n\u003Cli>Show or hide items depending on the screen size\u003C\u002Fli>\n\u003Cli>Support for Font Awesome icons\u003C\u002Fli>\n\u003Cli>Google Fonts\u003C\u002Fli>\n\u003Cli>Dropdown animations\u003C\u002Fli>\n\u003Cli>Support for Visual Composer\u003C\u002Fli>\n\u003Cli>Mega Menu\u003C\u002Fli>\n\u003Cli>Icons Menu\u003C\u002Fli>\n\u003Cli>Search Menu\u003C\u002Fli>\n\u003Cli>Cart Menu\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n\u003Ch4>Pro Features:\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cul>\n\u003Cli>Tabs Menu\u003C\u002Fli>\n\u003Cli>Login Menu\u003C\u002Fli>\n\u003Cli>Register Menu\u003C\u002Fli>\n\u003Cli>Social Menu\u003C\u002Fli>\n\u003Cli>Carousel Menu\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n","Responsive mega menu plugin for WordPress with customizable layouts and an intuitive drag-and-drop builder.",10000,1163701,90,267,"2025-11-28T19:23:00.000Z","6.8.5","4.7",[20,21,86,87,23],"https:\u002F\u002Fquadmenu.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fquadmenu.3.3.2.zip",94,"2025-04-11 00:00:00",{"slug":114,"name":115,"version":116,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":121,"downloaded":122,"rating":91,"num_ratings":91,"last_updated":123,"tested_up_to":106,"requires_at_least":124,"requires_php":18,"tags":125,"homepage":127,"download_link":128,"security_score":129,"vuln_count":130,"unpatched_count":28,"last_vuln_date":131,"fetched_at":30},"themehunk-megamenu-plus","Easy Mega Menu Plugin for WordPress – ThemeHunk","1.1.2","ThemeHunk","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemehunk\u002F","\u003Cp>\u003Cstrong>ThemeHunk Megamenu Plus\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Looking to enhance your WordPress menu? ThemeHunk Megamenu is your go-to plugin! This free, lightning-fast solution offers complete styling options for both normal and mega menus. Whether you’re adding pages, posts, widgets, products, text, or custom links, this plugin has you covered. Perfect for various website types including shops, agencies, blogs, and magazines, ThemeHunk Megamenu ensures your menu stands out while maintaining functionality. This is an easy-to-use responsive drop-down menu builder. You can add background images and colour separately for each menu. Elevate your site’s navigation effortlessly with ThemeHunk Megamenu!\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fthemehunk.com\u002Fproduct\u002Fthemehunk-megamenu\u002F\" rel=\"nofollow ugc\">ThemeHunk Megamenu\u003C\u002Fa>   |  \u003Ca href=\"https:\u002F\u002Fthemehunk.com\u002Fdocs\u002Fthemehunk-mega-menu\u002F\" rel=\"nofollow ugc\">Docs\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:-\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Drag and Drop Mega Menu Builder.\u003C\u002Fli>\n\u003Cli>150+ Free Icon Collections.\u003C\u002Fli>\n\u003Cli>100% Responsive for All Devices.\u003C\u002Fli>\n\u003Cli>Styling Options for the Default Menu.\u003C\u002Fli>\n\u003Cli>Styling Options for Megamenu.\u003C\u002Fli>\n\u003Cli>Display menu using Automatic Integration, Block, Widget or Shortcode.\u003C\u002Fli>\n\u003Cli>Support page, post, widgets, products, text and custom link in the mega menu.\u003C\u002Fli>\n\u003Cli>Unlimited row and column builder.\u003C\u002Fli>\n\u003C\u002Ful>\n","Free, fast, and user-friendly mega menu plugin for WordPress & WooCommerce. Add pages, posts, widgets, products, text, and custom links effortlessly.",2000,122362,"2025-06-25T06:41:00.000Z","5.5",[20,21,87,23,126],"woocommerce-menu","https:\u002F\u002Fthemehunk.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthemehunk-megamenu-plus.1.1.2.zip",75,3,"2025-06-05 00:00:00",{"slug":133,"name":134,"version":135,"author":136,"author_profile":137,"description":138,"short_description":139,"active_installs":140,"downloaded":141,"rating":68,"num_ratings":142,"last_updated":143,"tested_up_to":106,"requires_at_least":144,"requires_php":84,"tags":145,"homepage":148,"download_link":149,"security_score":90,"vuln_count":28,"unpatched_count":91,"last_vuln_date":150,"fetched_at":30},"getwid-megamenu","Navigation Block with Mega Menu","1.0.7","jetmonsters","https:\u002F\u002Fprofiles.wordpress.org\u002Fjetmonsters\u002F","\u003Cp>This WordPress mega menu plugin enables you to build tailor-made site navigation menus in Gutenberg.\u003C\u002Fp>\n\u003Cp>\u003Cem>Note: this WP navigation block is made for the full-site editing experiences in WordPress. Until full-site editing is available in Core, the plugin provides limited options since it can’t fully integrate with the navigation menu.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>The WordPress navigation menu plugin adds a few free mega menu Gutenberg blocks for different purposes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Mega menu block.\u003C\u002Fli>\n\u003Cli>Mega menu item block.\u003C\u002Fli>\n\u003Cli>Plain menu block.\u003C\u002Fli>\n\u003Cli>Plain menu item block.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The mega menu item block is very flexible – it allows you to add drop-down menus that can handle any WordPress block, giving you full control over the look and feel of your menus.\u003C\u002Fp>\n\u003Ch4>How you can approach the WordPress mega menu plugin:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>The mega menu block is a container that can handle only mega menu items, which, in their turn, can handle nested drop-downs, i.e. contain any other blocks.\u003C\u002Fli>\n\u003Cli>Plain menu blocks can contain plain menu items that can handle drop-downs with other plain menu items.\u003C\u002Fli>\n\u003Cli>The width, color, font size, layouts (horizontal and vertical) of some navigation blocks are fully customizable.\u003C\u002Fli>\n\u003Cli>You can optionally transform a WordPress navigation menu into the “hamburger button” for mobile devices.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Searching for the best Gutenberg addon?\u003C\u002Fp>\n\u003Cp>Check out \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgetwid\u002F\" rel=\"ugc\">Getwid WordPress Blocks\u003C\u002Fa> – a top-rated block & template library for the block editor.\u003C\u002Fp>\n\u003Ch3>Copyright\u003C\u002Fh3>\n\u003Cp>Navigation Block with Mega Menu, Copyright (C) 2020, MotoPress https:\u002F\u002Fmotopress.com\u002F\u003Cbr \u002F>\nNavigation Block with Mega Menu plugin is distributed under the terms of the GNU GPL.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n","Build better navigation menus with the WordPress mega menu blocks.",1000,30104,13,"2025-07-16T10:01:00.000Z","5.7",[146,20,21,22,147],"block","wordpress-menu","https:\u002F\u002Fmotopress.com\u002Fproducts\u002Fwordpress-mega-menu-block\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgetwid-megamenu.1.0.7.zip","2025-05-19 00:00:00",{"slug":152,"name":153,"version":154,"author":155,"author_profile":156,"description":157,"short_description":158,"active_installs":159,"downloaded":160,"rating":91,"num_ratings":91,"last_updated":161,"tested_up_to":16,"requires_at_least":162,"requires_php":84,"tags":163,"homepage":18,"download_link":165,"security_score":166,"vuln_count":91,"unpatched_count":91,"last_vuln_date":37,"fetched_at":30},"wp-mega-menu-recent-posts","WP Mega Menu Recent Posts","1.0.4","krishna121","https:\u002F\u002Fprofiles.wordpress.org\u002Fkrishna121\u002F","\u003Cp>WP Mega Menu Recent Posts plugin show recent posts under dropdown of menu in grid system. You can show text rollover effect after hover on image. This is the good solution for showing recent menu in grid using Mega Menu.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>You could recent posts of any category under dropdown menu.\u003C\u002Fli>\n\u003Cli>Show post title and read more link on hover of image.\u003C\u002Fli>\n\u003Cli>Easily set to show no of posts in row and total posts.\u003C\u002Fli>\n\u003Cli>Show posts in grid system.\u003C\u002Fli>\n\u003Cli>Easily configure with Mega Menu plugin\u003C\u002Fli>\n\u003C\u002Ful>\n","WP Mega Menu Recent Posts plugin show recent posts under dropdown of menu in grid system. You can show text rollover effect after hover on image.",10,2192,"2021-12-08T12:37:00.000Z","5.2",[20,21,86,22,164],"recent-posts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-mega-menu-recent-posts.1.0.4.zip",85,{"attackSurface":168,"codeSignals":389,"taintFlows":499,"riskAssessment":754,"analyzedAt":772},{"hooks":169,"ajaxHandlers":311,"restRoutes":381,"shortcodes":382,"cronEvents":387,"entryPointCount":354,"unprotectedCount":388},[170,175,179,182,185,188,192,197,200,204,208,212,216,220,225,229,232,236,239,243,245,249,253,256,260,264,266,269,272,275,278,282,287,291,296,300,303,307],{"type":171,"name":172,"callback":173,"file":174,"line":130},"action","widgets_init","register_wpmm_featuresbox_widget","addons\\wpmm-featuresbox\\wpmm-featuresbox.php",{"type":171,"name":176,"callback":177,"file":174,"line":178},"wp_enqueue_scripts","wpmm_featuresbox_scripts",405,{"type":171,"name":172,"callback":180,"file":181,"line":27},"register_wpmm_grid_post_woocommerce_widget","addons\\wpmm-gridpost\\wpmm-grid-woocommerce.php",{"type":171,"name":172,"callback":183,"file":184,"line":27},"register_wpmm_grid_post_posts_widget","addons\\wpmm-gridpost\\wpmm-gridpost.php",{"type":171,"name":176,"callback":186,"file":184,"line":187},"wpmm_postgrid_scripts",380,{"type":171,"name":189,"callback":190,"file":184,"line":191},"wp_head","wpmm_track_postgrid_views",409,{"type":171,"name":193,"callback":194,"file":195,"line":196},"admin_enqueue_scripts","wpneo_enqueue_admin_script","classes\\class.wp-megamenu-base.php",22,{"type":171,"name":176,"callback":198,"file":195,"line":199},"wpneo_enqueue_frontend_script",23,{"type":171,"name":201,"callback":202,"file":195,"line":203},"admin_print_footer_scripts-nav-menus.php","nav_menu_footer_scripts",25,{"type":171,"name":205,"callback":206,"file":195,"line":207},"admin_print_scripts-nav-menus.php","nav_menu_scripts",26,{"type":171,"name":209,"callback":210,"file":195,"line":211},"admin_print_styles-nav-menus.php","nav_menu_styles",27,{"type":171,"name":213,"callback":214,"file":195,"line":215},"admin_menu","wp_megamenu_admin_menus",29,{"type":171,"name":217,"callback":218,"file":195,"line":219},"admin_init","register_settings",30,{"type":221,"name":222,"callback":223,"priority":159,"file":195,"line":224},"filter","wp_nav_menu_objects","add_widgets_to_menu",32,{"type":221,"name":226,"callback":227,"priority":159,"file":195,"line":228},"body_class","add_body_classes",33,{"type":171,"name":189,"callback":230,"file":195,"line":231},"wpmm_generate_css",46,{"type":171,"name":233,"callback":234,"file":195,"line":235},"admin_notices","admin_rating_notice",47,{"type":171,"name":189,"callback":237,"file":238,"line":219},"render_css","classes\\class.wp-megamenu-css.php",{"type":171,"name":240,"callback":241,"file":238,"line":242},"wpmm_after_save_theme","css_file_saving_action",31,{"type":171,"name":244,"callback":241,"file":238,"line":224},"wpmm_regenerate_css",{"type":171,"name":176,"callback":246,"priority":247,"file":238,"line":248},"before_header",9999,37,{"type":171,"name":217,"callback":250,"file":251,"line":252},"wpmm_import_menu","classes\\class.wp-megamenu-export-import.php",16,{"type":171,"name":233,"callback":254,"file":251,"line":255},"sample_admin_notice__success",290,{"type":171,"name":217,"callback":257,"file":258,"line":259},"save_wpmm_settings","classes\\class.wp-megamenu-settings.php",17,{"type":171,"name":217,"callback":261,"file":262,"line":263},"save_new_themes","classes\\class.wp-megamenu-themes.php",21,{"type":171,"name":217,"callback":265,"file":262,"line":199},"import_theme",{"type":171,"name":267,"callback":268,"file":262,"line":207},"load-nav-menus.php","add_metabox_to_nav_menu_settings",{"type":171,"name":270,"callback":271,"priority":159,"file":262,"line":219},"update_option_wpmm_options","update_theme_option_after_save_settins",{"type":171,"name":233,"callback":273,"file":262,"line":274},"wpmm_theme_updated_notice__success",73,{"type":171,"name":233,"callback":276,"file":262,"line":277},"theme_upload_success",127,{"type":171,"name":279,"callback":280,"file":281,"line":196},"init","wpmm_register_sidebar","classes\\class.wp-megamenu-widgets.php",{"type":221,"name":283,"callback":284,"priority":247,"file":285,"line":286},"wp_nav_menu_args","overrite_functions_wp_megamenu","classes\\class.wp-megamenu.php",512,{"type":171,"name":288,"callback":289,"file":285,"line":290},"admin_footer","wp_megamenu_add_menu_settings_wrap_admin_footer",730,{"type":221,"name":292,"callback":293,"priority":159,"file":294,"line":295},"plugin_row_meta","custom_plugin_row_meta","classes\\wp_megamenu_functions.php",1501,{"type":171,"name":213,"callback":297,"priority":298,"file":294,"line":299},"wpmm_add_admin_menu",502,1527,{"type":171,"name":217,"callback":301,"file":294,"line":302},"wpmm_go_premium_page",1536,{"type":171,"name":189,"callback":304,"file":305,"line":306},"wpmm_css_compatibility","includes\\compability.php",5,{"type":171,"name":279,"callback":308,"file":309,"line":310},"wp_meagmenu_language_load","wp-megamenu.php",41,[312,318,320,322,325,328,331,334,337,339,342,345,348,350,352,355,358,360,362,364,366,368,370,372,374,376,378],{"action":313,"nopriv":314,"callback":315,"hasNonce":316,"hasCapCheck":316,"file":184,"line":317},"gridpost_load_more_posts",true,"gridpost_load_more_posts_cb",false,415,{"action":313,"nopriv":316,"callback":315,"hasNonce":316,"hasCapCheck":316,"file":184,"line":319},416,{"action":321,"nopriv":316,"callback":321,"hasNonce":314,"hasCapCheck":314,"file":195,"line":242},"wpmm_item_settings_load",{"action":323,"nopriv":316,"callback":323,"hasNonce":314,"hasCapCheck":314,"file":195,"line":324},"wpmm_menu_item_option_save",35,{"action":326,"nopriv":316,"callback":326,"hasNonce":314,"hasCapCheck":314,"file":195,"line":327},"wpmm_icon_update",36,{"action":329,"nopriv":316,"callback":329,"hasNonce":316,"hasCapCheck":316,"file":195,"line":330},"save_item_panel_column",38,{"action":332,"nopriv":316,"callback":332,"hasNonce":314,"hasCapCheck":314,"file":195,"line":333},"wpmm_change_menu_type",39,{"action":335,"nopriv":316,"callback":335,"hasNonce":314,"hasCapCheck":314,"file":195,"line":336},"wpmm_change_strees_row",40,{"action":338,"nopriv":316,"callback":338,"hasNonce":314,"hasCapCheck":314,"file":195,"line":310},"wpmm_set_menu_width",{"action":340,"nopriv":316,"callback":340,"hasNonce":314,"hasCapCheck":314,"file":195,"line":341},"wpmm_set_strees_row_width",42,{"action":343,"nopriv":316,"callback":343,"hasNonce":314,"hasCapCheck":314,"file":195,"line":344},"wpmm_save_layout",45,{"action":346,"nopriv":316,"callback":346,"hasNonce":314,"hasCapCheck":314,"file":251,"line":347},"export_wp_megamenu_nav_menu",15,{"action":349,"nopriv":316,"callback":349,"hasNonce":314,"hasCapCheck":314,"file":262,"line":196},"export_wpmm_theme",{"action":351,"nopriv":316,"callback":351,"hasNonce":314,"hasCapCheck":314,"file":262,"line":211},"wpmm_theme_delete",{"action":353,"nopriv":316,"callback":353,"hasNonce":314,"hasCapCheck":314,"file":262,"line":354},"wpmm_nav_menu_save",28,{"action":356,"nopriv":316,"callback":356,"hasNonce":316,"hasCapCheck":316,"file":281,"line":357},"wpmm_add_widget_to_item",24,{"action":359,"nopriv":316,"callback":359,"hasNonce":316,"hasCapCheck":316,"file":281,"line":203},"wpmm_get_widget_to_item",{"action":361,"nopriv":316,"callback":361,"hasNonce":314,"hasCapCheck":314,"file":281,"line":207},"wpmm_save_widget",{"action":363,"nopriv":316,"callback":363,"hasNonce":314,"hasCapCheck":314,"file":281,"line":211},"wpmm_delete_widget",{"action":365,"nopriv":316,"callback":365,"hasNonce":316,"hasCapCheck":316,"file":281,"line":215},"wpmm_increase_widget_column",{"action":367,"nopriv":316,"callback":367,"hasNonce":316,"hasCapCheck":316,"file":281,"line":219},"wpmm_reorder_items",{"action":369,"nopriv":316,"callback":369,"hasNonce":316,"hasCapCheck":316,"file":281,"line":242},"wpmm_reorder_row",{"action":371,"nopriv":316,"callback":371,"hasNonce":314,"hasCapCheck":314,"file":281,"line":224},"wpmm_delete_row",{"action":373,"nopriv":316,"callback":373,"hasNonce":316,"hasCapCheck":316,"file":281,"line":228},"wpmm_reorder_col",{"action":375,"nopriv":316,"callback":375,"hasNonce":316,"hasCapCheck":316,"file":281,"line":327},"wpmm_drag_to_add_widget_item",{"action":377,"nopriv":316,"callback":377,"hasNonce":316,"hasCapCheck":316,"file":281,"line":333},"wpmm_edit_widget",{"action":379,"nopriv":316,"callback":379,"hasNonce":314,"hasCapCheck":316,"file":294,"line":380},"wpmm_rating_notice",1547,[],[383],{"tag":384,"callback":385,"file":294,"line":386},"wp_megamenu","wp_megamenu_shortcode",1497,[],11,{"dangerousFunctions":390,"sqlUsage":411,"outputEscaping":433,"fileOperations":494,"externalRequests":91,"nonceChecks":263,"capabilityChecks":252,"bundledLibraries":495},[391,395,398,401,403,406,409],{"fn":392,"file":251,"line":393,"context":394},"unserialize",173,"$post_data = unserialize(base64_decode($serilized_data));",{"fn":392,"file":262,"line":396,"context":397},122,"$post_data = unserialize($serilized_data);",{"fn":392,"file":294,"line":399,"context":400},92,"$options = unserialize($post->post_content);",{"fn":392,"file":294,"line":402,"context":400},121,{"fn":392,"file":294,"line":404,"context":405},1331,"if (($result = @unserialize($value)) === false) {",{"fn":392,"file":407,"line":224,"context":408},"installation\\class.wp-megamenu-initial-setup.php","$settings_option = unserialize($this->settings_option());",{"fn":392,"file":407,"line":410,"context":397},53,{"prepared":91,"raw":412,"locations":413},8,[414,417,419,421,424,427,430,432],{"file":238,"line":415,"context":416},1413,"$wpdb->get_results() with variable interpolation",{"file":251,"line":418,"context":416},48,{"file":251,"line":420,"context":416},58,{"file":251,"line":422,"context":423},212,"$wpdb->get_var() with variable interpolation",{"file":251,"line":425,"context":426},238,"$wpdb->query() with variable interpolation",{"file":251,"line":428,"context":429},261,"$wpdb->get_row() with variable interpolation",{"file":294,"line":431,"context":429},183,{"file":294,"line":14,"context":416},{"escaped":434,"rawEcho":219,"locations":435},266,[436,439,441,443,445,447,448,449,450,451,453,455,457,459,461,462,465,467,469,471,473,475,477,479,482,483,485,487,489,491],{"file":174,"line":437,"context":438},60,"raw output",{"file":174,"line":440,"context":438},125,{"file":174,"line":442,"context":438},126,{"file":174,"line":444,"context":438},244,{"file":174,"line":446,"context":438},245,{"file":181,"line":327,"context":438},{"file":181,"line":310,"context":438},{"file":184,"line":327,"context":438},{"file":184,"line":310,"context":438},{"file":184,"line":452,"context":438},220,{"file":195,"line":454,"context":438},955,{"file":238,"line":456,"context":438},1345,{"file":281,"line":458,"context":438},74,{"file":285,"line":460,"context":438},739,{"file":305,"line":354,"context":438},{"file":463,"line":464,"context":438},"views\\admin\\add_update_new_theme.php",118,{"file":463,"line":466,"context":438},133,{"file":463,"line":468,"context":438},149,{"file":463,"line":470,"context":438},714,{"file":463,"line":472,"context":438},720,{"file":463,"line":474,"context":438},1480,{"file":463,"line":476,"context":438},1486,{"file":463,"line":478,"context":438},3362,{"file":480,"line":481,"context":438},"views\\admin\\item_settings.php",95,{"file":480,"line":442,"context":438},{"file":480,"line":484,"context":438},138,{"file":480,"line":486,"context":438},161,{"file":480,"line":488,"context":438},182,{"file":480,"line":490,"context":438},190,{"file":492,"line":493,"context":438},"views\\admin\\themes_metabox_nav_menu.php",71,9,[496],{"name":497,"version":37,"knownCves":498},"Select2",[],[500,521,543,563,572,580,591,604,612,622,631,640,665,691,709,736],{"entryPoint":501,"graph":502,"unsanitizedCount":28,"severity":53},"wpmm_edit_widget (classes\\class.wp-megamenu-widgets.php:590)",{"nodes":503,"edges":518},[504,509,513],{"id":505,"type":506,"label":507,"file":281,"line":508},"n0","source","$_POST",594,{"id":510,"type":511,"label":512,"file":281,"line":508},"n1","transform","→ show_wpmm_widget_form()",{"id":514,"type":515,"label":516,"file":281,"line":458,"wp_function":517},"n2","sink","echo() [XSS]","echo",[519,520],{"from":505,"to":510,"sanitized":316},{"from":510,"to":514,"sanitized":316},{"entryPoint":522,"graph":523,"unsanitizedCount":27,"severity":53},"\u003Cclass.wp-megamenu-widgets> (classes\\class.wp-megamenu-widgets.php:0)",{"nodes":524,"edges":539},[525,528,532,535,537],{"id":505,"type":506,"label":526,"file":281,"line":527},"$_POST (x6)",230,{"id":510,"type":515,"label":529,"file":281,"line":530,"wp_function":531},"update_option() [Settings Manipulation]",241,"update_option",{"id":514,"type":506,"label":533,"file":281,"line":534},"$_POST (x2)",306,{"id":536,"type":511,"label":512,"file":281,"line":534},"n3",{"id":538,"type":515,"label":516,"file":281,"line":458,"wp_function":517},"n4",[540,541,542],{"from":505,"to":510,"sanitized":314},{"from":514,"to":536,"sanitized":316},{"from":536,"to":538,"sanitized":316},{"entryPoint":544,"graph":545,"unsanitizedCount":91,"severity":562},"export_wp_megamenu_nav_menu (classes\\class.wp-megamenu-export-import.php:22)",{"nodes":546,"edges":559},[547,549,553,555],{"id":505,"type":506,"label":548,"file":251,"line":324},"$_REQUEST",{"id":510,"type":515,"label":550,"file":251,"line":551,"wp_function":552},"fopen() [File Access]",131,"fopen",{"id":514,"type":506,"label":554,"file":251,"line":324},"$_REQUEST (x2)",{"id":536,"type":515,"label":556,"file":251,"line":557,"wp_function":558},"header() [Header Injection]",136,"header",[560,561],{"from":505,"to":510,"sanitized":314},{"from":514,"to":536,"sanitized":314},"low",{"entryPoint":564,"graph":565,"unsanitizedCount":91,"severity":562},"save_wpmm_settings (classes\\class.wp-megamenu-settings.php:23)",{"nodes":566,"edges":570},[567,568],{"id":505,"type":506,"label":507,"file":258,"line":327},{"id":510,"type":515,"label":529,"file":258,"line":569,"wp_function":531},49,[571],{"from":505,"to":510,"sanitized":314},{"entryPoint":573,"graph":574,"unsanitizedCount":91,"severity":562},"\u003Cclass.wp-megamenu-settings> (classes\\class.wp-megamenu-settings.php:0)",{"nodes":575,"edges":578},[576,577],{"id":505,"type":506,"label":507,"file":258,"line":327},{"id":510,"type":515,"label":529,"file":258,"line":569,"wp_function":531},[579],{"from":505,"to":510,"sanitized":314},{"entryPoint":581,"graph":582,"unsanitizedCount":91,"severity":562},"save_new_themes (classes\\class.wp-megamenu-themes.php:34)",{"nodes":583,"edges":589},[584,585],{"id":505,"type":506,"label":507,"file":262,"line":344},{"id":510,"type":515,"label":586,"file":262,"line":587,"wp_function":588},"wp_redirect() [Open Redirect]",57,"wp_redirect",[590],{"from":505,"to":510,"sanitized":314},{"entryPoint":592,"graph":593,"unsanitizedCount":91,"severity":562},"export_wpmm_theme (classes\\class.wp-megamenu-themes.php:79)",{"nodes":594,"edges":601},[595,597,598,599],{"id":505,"type":506,"label":507,"file":262,"line":596},89,{"id":510,"type":515,"label":550,"file":262,"line":90,"wp_function":552},{"id":514,"type":506,"label":533,"file":262,"line":596},{"id":536,"type":515,"label":556,"file":262,"line":600,"wp_function":558},104,[602,603],{"from":505,"to":510,"sanitized":314},{"from":514,"to":536,"sanitized":314},{"entryPoint":605,"graph":606,"unsanitizedCount":27,"severity":562},"wpmm_add_widget_to_item (classes\\class.wp-megamenu-widgets.php:227)",{"nodes":607,"edges":610},[608,609],{"id":505,"type":506,"label":533,"file":281,"line":527},{"id":510,"type":515,"label":529,"file":281,"line":530,"wp_function":531},[611],{"from":505,"to":510,"sanitized":316},{"entryPoint":613,"graph":614,"unsanitizedCount":91,"severity":562},"wpmm_delete_widget (classes\\class.wp-megamenu-widgets.php:359)",{"nodes":615,"edges":620},[616,618],{"id":505,"type":506,"label":533,"file":281,"line":617},365,{"id":510,"type":515,"label":529,"file":281,"line":619,"wp_function":531},388,[621],{"from":505,"to":510,"sanitized":314},{"entryPoint":623,"graph":624,"unsanitizedCount":27,"severity":562},"wpmm_drag_to_add_widget_item (classes\\class.wp-megamenu-widgets.php:482)",{"nodes":625,"edges":629},[626,628],{"id":505,"type":506,"label":533,"file":281,"line":627},491,{"id":510,"type":515,"label":529,"file":281,"line":298,"wp_function":531},[630],{"from":505,"to":510,"sanitized":316},{"entryPoint":632,"graph":633,"unsanitizedCount":27,"severity":562},"\u003Citem_settings> (views\\admin\\item_settings.php:0)",{"nodes":634,"edges":638},[635,636],{"id":505,"type":506,"label":533,"file":480,"line":27},{"id":510,"type":515,"label":516,"file":480,"line":637,"wp_function":517},210,[639],{"from":505,"to":510,"sanitized":316},{"entryPoint":641,"graph":642,"unsanitizedCount":28,"severity":39},"wpmm_import_menu (classes\\class.wp-megamenu-export-import.php:156)",{"nodes":643,"edges":660},[644,646,650,651,653,655,658],{"id":505,"type":506,"label":645,"file":251,"line":486},"$_FILES",{"id":510,"type":515,"label":647,"file":251,"line":648,"wp_function":649},"file_get_contents() [SSRF\u002FLFI]",167,"file_get_contents",{"id":514,"type":506,"label":645,"file":251,"line":486},{"id":536,"type":515,"label":652,"file":251,"line":393,"wp_function":392},"unserialize() [Object Injection]",{"id":538,"type":506,"label":645,"file":251,"line":654},171,{"id":656,"type":511,"label":657,"file":251,"line":654},"n5","→ wpmm_is_serialized()",{"id":659,"type":515,"label":652,"file":294,"line":404,"wp_function":392},"n6",[661,662,663,664],{"from":505,"to":510,"sanitized":314},{"from":514,"to":536,"sanitized":314},{"from":538,"to":656,"sanitized":316},{"from":656,"to":659,"sanitized":316},{"entryPoint":666,"graph":667,"unsanitizedCount":28,"severity":39},"\u003Cclass.wp-megamenu-export-import> (classes\\class.wp-megamenu-export-import.php:0)",{"nodes":668,"edges":684},[669,670,671,672,673,674,675,676,678,680,682],{"id":505,"type":506,"label":548,"file":251,"line":324},{"id":510,"type":515,"label":550,"file":251,"line":551,"wp_function":552},{"id":514,"type":506,"label":554,"file":251,"line":324},{"id":536,"type":515,"label":556,"file":251,"line":557,"wp_function":558},{"id":538,"type":506,"label":645,"file":251,"line":486},{"id":656,"type":515,"label":647,"file":251,"line":648,"wp_function":649},{"id":659,"type":506,"label":645,"file":251,"line":486},{"id":677,"type":515,"label":652,"file":251,"line":393,"wp_function":392},"n7",{"id":679,"type":506,"label":645,"file":251,"line":654},"n8",{"id":681,"type":511,"label":657,"file":251,"line":654},"n9",{"id":683,"type":515,"label":652,"file":294,"line":404,"wp_function":392},"n10",[685,686,687,688,689,690],{"from":505,"to":510,"sanitized":314},{"from":514,"to":536,"sanitized":314},{"from":538,"to":656,"sanitized":314},{"from":659,"to":677,"sanitized":314},{"from":679,"to":681,"sanitized":316},{"from":681,"to":683,"sanitized":316},{"entryPoint":692,"graph":693,"unsanitizedCount":28,"severity":39},"import_theme (classes\\class.wp-megamenu-themes.php:115)",{"nodes":694,"edges":704},[695,697,699,700,701,702,703],{"id":505,"type":506,"label":645,"file":262,"line":696},117,{"id":510,"type":515,"label":647,"file":262,"line":698,"wp_function":649},120,{"id":514,"type":506,"label":645,"file":262,"line":696},{"id":536,"type":515,"label":652,"file":262,"line":396,"wp_function":392},{"id":538,"type":506,"label":645,"file":262,"line":402},{"id":656,"type":511,"label":657,"file":262,"line":402},{"id":659,"type":515,"label":652,"file":294,"line":404,"wp_function":392},[705,706,707,708],{"from":505,"to":510,"sanitized":314},{"from":514,"to":536,"sanitized":314},{"from":538,"to":656,"sanitized":316},{"from":656,"to":659,"sanitized":316},{"entryPoint":710,"graph":711,"unsanitizedCount":28,"severity":39},"\u003Cclass.wp-megamenu-themes> (classes\\class.wp-megamenu-themes.php:0)",{"nodes":712,"edges":728},[713,714,715,716,717,718,719,720,721,722,723,724,726],{"id":505,"type":506,"label":507,"file":262,"line":344},{"id":510,"type":515,"label":586,"file":262,"line":587,"wp_function":588},{"id":514,"type":506,"label":507,"file":262,"line":596},{"id":536,"type":515,"label":550,"file":262,"line":90,"wp_function":552},{"id":538,"type":506,"label":533,"file":262,"line":596},{"id":656,"type":515,"label":556,"file":262,"line":600,"wp_function":558},{"id":659,"type":506,"label":645,"file":262,"line":696},{"id":677,"type":515,"label":647,"file":262,"line":698,"wp_function":649},{"id":679,"type":506,"label":645,"file":262,"line":696},{"id":681,"type":515,"label":652,"file":262,"line":396,"wp_function":392},{"id":683,"type":506,"label":645,"file":262,"line":402},{"id":725,"type":511,"label":657,"file":262,"line":402},"n11",{"id":727,"type":515,"label":652,"file":294,"line":404,"wp_function":392},"n12",[729,730,731,732,733,734,735],{"from":505,"to":510,"sanitized":314},{"from":514,"to":536,"sanitized":314},{"from":538,"to":656,"sanitized":314},{"from":659,"to":677,"sanitized":314},{"from":679,"to":681,"sanitized":314},{"from":683,"to":725,"sanitized":316},{"from":725,"to":727,"sanitized":316},{"entryPoint":737,"graph":738,"unsanitizedCount":753,"severity":39},"\u003Cadd_update_new_theme> (views\\admin\\add_update_new_theme.php:0)",{"nodes":739,"edges":749},[740,742,743,746,748],{"id":505,"type":506,"label":741,"file":463,"line":130},"$_GET (x5)",{"id":510,"type":515,"label":516,"file":463,"line":464,"wp_function":517},{"id":514,"type":506,"label":744,"file":463,"line":745},"$_GET (x257)",7,{"id":536,"type":511,"label":747,"file":463,"line":745},"→ get_wpmm_theme_option()",{"id":538,"type":515,"label":652,"file":294,"line":399,"wp_function":392},[750,751,752],{"from":505,"to":510,"sanitized":316},{"from":514,"to":536,"sanitized":316},{"from":536,"to":538,"sanitized":316},262,{"summary":755,"deductions":756},"The wp-megamenu plugin exhibits a mixed security posture. While it demonstrates good practices in output escaping (90%) and includes a healthy number of nonce and capability checks, significant concerns arise from its attack surface and historical vulnerability patterns. The presence of 11 AJAX handlers without authentication checks is a considerable risk, directly exposing these entry points to unauthorized access and potential exploitation. This is exacerbated by the critical taint analysis findings of 5 high severity flows with unsanitized paths, suggesting potential for data manipulation or privilege escalation.\n\nThe plugin's vulnerability history, with 2 known CVEs and a currently unpatched high-severity vulnerability, indicates a recurring pattern of security weaknesses, specifically in deserialization and cross-site scripting. The recent unpatched vulnerability is a major red flag, highlighting a lack of timely security patching. The use of dangerous functions like 'unserialize' without adequate sanitization on user-supplied data, coupled with 100% of SQL queries lacking prepared statements, further amplifies the risk of SQL injection and deserialization vulnerabilities.\n\nOverall, the plugin has some strengths in output sanitization and internal checks, but these are overshadowed by critical weaknesses in attack surface management, a concerning vulnerability history with unpatched issues, and fundamentally insecure coding practices in handling SQL queries and potentially deserialized data. The combination of these factors points to a plugin that requires immediate attention to address the existing unpatched vulnerability and to refactor insecure code patterns.",[757,760,762,764,766,768,770],{"reason":758,"points":759},"Unpatched high severity CVE",18,{"reason":761,"points":347},"High severity unsanitized taint flows",{"reason":763,"points":159},"AJAX handlers without auth checks",{"reason":765,"points":159},"SQL queries without prepared statements",{"reason":767,"points":412},"Dangerous function 'unserialize' found",{"reason":769,"points":306},"Flows with unsanitized paths",{"reason":771,"points":130},"Bundled library Select2","2026-03-16T17:52:21.326Z",{"wat":774,"direct":833},{"assetPaths":775,"generatorPatterns":803,"scriptPaths":804,"versionParams":805},[776,777,778,779,780,781,782,783,784,785,786,787,788,789,790,791,792,793,794,795,796,797,798,799,800,801,802],"\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fcss\u002Ffrontend.css","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fcss\u002Ffont-awesome.min.css","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fcss\u002Fresponsive.css","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fjs\u002Ffrontend.js","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fjs\u002Fimagesloaded.min.js","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fjs\u002Fisotope.min.js","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fjs\u002Fsuperfish.js","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fjs\u002Fwaypoints.min.js","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Faddons\u002Fwpmm-featuresbox\u002Fcss\u002Fwpmm-featuresbox.css","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Faddons\u002Fwpmm-featuresbox\u002Fjs\u002Fwpmm-featuresbox.js","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fwidgets\u002Faccordions\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fwidgets\u002Faccordions\u002Fjs\u002Faccordion.js","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fwidgets\u002Fcategories\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fwidgets\u002Fcategories\u002Fjs\u002Fcat.js","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fwidgets\u002Fcontactinfo\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fwidgets\u002Fcontactinfo\u002Fjs\u002Fcontact.js","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fwidgets\u002Fimage\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fwidgets\u002Fimage\u002Fjs\u002Fimage.js","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fwidgets\u002Fposts\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fwidgets\u002Fposts\u002Fjs\u002Fpost.js","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fwidgets\u002Fsearch\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fwidgets\u002Fsearch\u002Fjs\u002Fsearch.js","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fwidgets\u002Ftext\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fwidgets\u002Ftext\u002Fjs\u002Ftext.js","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fwidgets\u002Fvideo\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fwp-megamenu\u002Fwidgets\u002Fvideo\u002Fjs\u002Fvideo.js",[],[780,781,782,783,784,786,788,790,792,794,796,798,800,802],[806,807,808,809,810,811,812,813,814,815,816,817,818,819,820,821,822,823,824,825,826,827,828,829,830,831,832],"wp-megamenu\u002Fcss\u002Ffrontend.css?ver=","wp-megamenu\u002Fcss\u002Ffont-awesome.min.css?ver=","wp-megamenu\u002Fcss\u002Fresponsive.css?ver=","wp-megamenu\u002Fcss\u002Fstyle.css?ver=","wp-megamenu\u002Fjs\u002Ffrontend.js?ver=","wp-megamenu\u002Fjs\u002Fimagesloaded.min.js?ver=","wp-megamenu\u002Fjs\u002Fisotope.min.js?ver=","wp-megamenu\u002Fjs\u002Fsuperfish.js?ver=","wp-megamenu\u002Fjs\u002Fwaypoints.min.js?ver=","wp-megamenu\u002Faddons\u002Fwpmm-featuresbox\u002Fcss\u002Fwpmm-featuresbox.css?ver=","wp-megamenu\u002Faddons\u002Fwpmm-featuresbox\u002Fjs\u002Fwpmm-featuresbox.js?ver=","wp-megamenu\u002Fwidgets\u002Faccordions\u002Fcss\u002Fstyle.css?ver=","wp-megamenu\u002Fwidgets\u002Faccordions\u002Fjs\u002Faccordion.js?ver=","wp-megamenu\u002Fwidgets\u002Fcategories\u002Fcss\u002Fstyle.css?ver=","wp-megamenu\u002Fwidgets\u002Fcategories\u002Fjs\u002Fcat.js?ver=","wp-megamenu\u002Fwidgets\u002Fcontactinfo\u002Fcss\u002Fstyle.css?ver=","wp-megamenu\u002Fwidgets\u002Fcontactinfo\u002Fjs\u002Fcontact.js?ver=","wp-megamenu\u002Fwidgets\u002Fimage\u002Fcss\u002Fstyle.css?ver=","wp-megamenu\u002Fwidgets\u002Fimage\u002Fjs\u002Fimage.js?ver=","wp-megamenu\u002Fwidgets\u002Fposts\u002Fcss\u002Fstyle.css?ver=","wp-megamenu\u002Fwidgets\u002Fposts\u002Fjs\u002Fpost.js?ver=","wp-megamenu\u002Fwidgets\u002Fsearch\u002Fcss\u002Fstyle.css?ver=","wp-megamenu\u002Fwidgets\u002Fsearch\u002Fjs\u002Fsearch.js?ver=","wp-megamenu\u002Fwidgets\u002Ftext\u002Fcss\u002Fstyle.css?ver=","wp-megamenu\u002Fwidgets\u002Ftext\u002Fjs\u002Ftext.js?ver=","wp-megamenu\u002Fwidgets\u002Fvideo\u002Fcss\u002Fstyle.css?ver=","wp-megamenu\u002Fwidgets\u002Fvideo\u002Fjs\u002Fvideo.js?ver=",{"cssClasses":834,"htmlComments":844,"htmlAttributes":845,"restEndpoints":848,"jsGlobals":849,"shortcodeOutput":851},[835,836,837,838,839,840,841,842,843],"wpmm-feature-box","wpmmlayout1","wpmmtextleft","wpmm-feature-item","wpmm-feature-title","wpmm-feature-desc","wpmm-featurebox-hcolor","wpmm-featurebox-btn","wpmmbtnsize_m",[],[846,847],"data-hover-color","data-hover-bg-color",[],[850],"wpmm_featuresbox_widget",[]]