Monster Menus Project Monster Menus — known CVE vulnerabilities
Every CVE whose affected-product data names Monster Menus Project Monster Menus, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2013-4230 — CVSS 6.0 (medium): The mm_webform submodule in the Monster Menus module 6.x-6.x before 6.x-6.61 and 7.x-1.x before 7.x-1.13 for Drupal does not properly…
CVE-2015-8095 — CVSS 5.0 (medium): The recycle bin feature in the Monster Menus module 7.x-1.21 before 7.x-1.24 for Drupal does not properly remove nodes from view, which…
CVE-2024-13288 — CVSS 4.3 (medium): Deserialization of Untrusted Data vulnerability in Drupal Monster Menus allows Object Injection.This issue affects Monster Menus: from…
CVE-2013-4504 — CVSS 2.6 (low): The Monster Menus module 7.x-1.x before 7.x-1.15 allows remote attackers to read arbitrary node comments via a crafted URL.
CVE-2013-4229 — CVSS 2.1 (low): Cross-site scripting (XSS) vulnerability in the Monster Menus module 7.x-1.x before 7.x-1.12 for Drupal allows remote authenticated users…