PT-2021-15708 · Unknown · Responsive Menu

Chloe Chamberland

·

Published

2021-04-05

·

Updated

2021-04-08

·

CVE-2021-24162

CVSS v3.1

8.8

High

Vector AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Responsive Menu versions prior to 4.0.4
Description: The plugin's settings import can be triggered by a forged request (CSRF). An attacker crafts a request and tricks a logged-in administrator into submitting it, so that attacker-controlled settings, which can be modified to include malicious JavaScript, are imported into the site. The injected payload then executes in the context of the site and can be used to further compromise it.
Recommendations: Update to version 4.0.4 or later, which resolves the issue. Until the update is applied, avoid using the plugin's settings import feature and restrict access to it where possible, to minimize the risk of exploitation.
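The following is an added illustrative example and not the Responsive Menu plugin's code: a settings-import handler for a hypothetical WordPress plugin (prefix `example_`, option name `example_settings` and all field names are assumptions) written in the vulnerable pattern the description implies, next to a hardened version. The hardened handler requires an authorized user, a nonce bound to the import action (`check_admin_referer`), and an allow-list sanitizer so stored settings cannot carry script even if an import is triggered.

```php
<?php
/**
 * Illustrative settings-import handler for a hypothetical WordPress plugin
 * (prefix "example_"). Added example, not the Responsive Menu plugin's code.
 *
 * Vulnerable pattern: the handler trusts any POST that reaches it. A page on an
 * attacker's site can auto-submit a form into the administrator's browser session,
 * and the plugin imports settings containing attacker-controlled markup/JavaScript.
 */
add_action( 'admin_post_example_import_settings_vulnerable', function () {
    // No nonce, no capability check, no sanitization.
    $settings = json_decode( wp_unslash( $_POST['settings'] ?? '' ), true );
    update_option( 'example_settings', $settings );
    wp_safe_redirect( admin_url( 'admin.php?page=example' ) );
    exit;
} );

/**
 * Hardened pattern: an authorized user, a nonce issued for this exact action,
 * and a strict allow-list for every imported field.
 */
add_action( 'admin_post_example_import_settings', function () {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', 403 );
    }
    // Dies with 403 unless the request carries a nonce minted for this user
    // and this action; a cross-site form cannot obtain that value.
    check_admin_referer( 'example_import_settings', 'example_nonce' );

    $raw = json_decode( wp_unslash( $_POST['settings'] ?? '' ), true );
    if ( ! is_array( $raw ) ) {
        wp_die( 'Malformed settings payload.', 400 );
    }
    update_option( 'example_settings', example_sanitize_settings( $raw ) );
    wp_safe_redirect( admin_url( 'admin.php?page=example&imported=1' ) );
    exit;
} );

/**
 * Allow-list sanitizer: unknown keys are dropped and each known key is coerced
 * to its expected type. The one field that is later echoed as HTML goes through
 * wp_kses_post(), so <script> tags and on* event handlers never reach the option.
 */
function example_sanitize_settings( array $raw ): array {
    $clean = array();
    $clean['menu_title']  = sanitize_text_field( (string) ( $raw['menu_title'] ?? '' ) );
    $clean['breakpoint']  = max( 0, min( 4096, (int) ( $raw['breakpoint'] ?? 768 ) ) );
    $clean['custom_html'] = wp_kses_post( (string) ( $raw['custom_html'] ?? '' ) );
    $clean['position']    = in_array( $raw['position'] ?? '', array( 'left', 'right' ), true )
        ? $raw['position']
        : 'left';
    return $clean;
}

/**
 * The legitimate import form must emit the nonce the hardened handler checks.
 */
function example_render_import_form(): void {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="example_import_settings">
        <?php wp_nonce_field( 'example_import_settings', 'example_nonce' ); ?>
        <textarea name="settings" rows="10" cols="60"></textarea>
        <?php submit_button( 'Import settings' ); ?>
    </form>
    <?php
}
```

The nonce check alone stops the forged-request path, but it is a same-origin control, not an input filter: an administrator who deliberately pastes a hostile export still needs the allow-list sanitizer to keep script out of the stored settings.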

Exploit

Fix

CSRF


Weakness Enumeration

Related Identifiers

CVE-2021-24162

Affected Products

Responsive Menu