The plugin does not have CSRF check in place when deleting menu, which could allow attackers to make a logged in admin delete them via a CSRF attack
https://example.com/wp-admin/admin.php?page=float-menu&info=delete&did=1
Krzysztof Zając
Krzysztof Zając
Yes
2022-01-24 (about 1 years ago)
2022-01-24 (about 1 years ago)
2022-04-11 (about 9 months ago)