Monster Menus Project: >> Monster Menus >> 7.x-1.13 Security Vulnerabilities
Deserialization of Untrusted Data vulnerability in Drupal Monster Menus allows Object Injection.This issue affects Monster Menus: from 0.0.0 before 9.3.4, from 9.4.0 before 9.4.2.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-01-09
Incorrect Authorization vulnerability in Drupal Monster Menus allows Forceful Browsing.This issue affects Monster Menus: from 0.0.0 before 9.3.2.
CVSS Score
9.1
EPSS Score
0.001
Published
2025-01-09
The recycle bin feature in the Monster Menus module 7.x-1.21 before 7.x-1.24 for Drupal does not properly remove nodes from view, which allows remote attackers to obtain sensitive information via an unspecified URL pattern.
CVSS Score
5.0
EPSS Score
0.003
Published
2015-11-09
The Monster Menus module 7.x-1.x before 7.x-1.15 allows remote attackers to read arbitrary node comments via a crafted URL.
CVSS Score
2.6
EPSS Score
0.003
Published
2014-05-13