[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fG5vDmDYPhnJDk0YXj-waG_ellwrRBTRG8BJg3kAwlpE":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"WF-b5111eb6-b4b3-4b18-9de3-577c323eaab8-advance-menu-manager","advanced-menu-manager-authenticated-subscriber-menu-creationdeletion","Advanced Menu Manager \u003C= 3.0.6 - Authenticated (Subscriber+) Menu Creation\u002FDeletion","The Advanced Menu Manager plugin for WordPress is vulnerable to Arbitrary Menu Creation\u002FDeletion in versions up to, and including, 3.0.6. This is due to missing capability and nonce checks in its 'my_action_delete_menu' and 'my_action_create_menu_ajax' AJAX actions. This makes it possible for authenticated attackers (unauthenticated if performed via CSRF) to create and\u002For delete arbitrary menus.","advance-menu-manager",null,"\u003C=3.0.6","3.0.7","medium",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:L","Missing Authorization","2021-07-12 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb5111eb6-b4b3-4b18-9de3-577c323eaab8?source=api-prod",925]