Arbitrary Menu Deletion via Cross-Site Request Forgery (CSRF) vulnerability discovered by Krzysztof Zając in WordPress Float menu plugin (versions <= 4.3).
Update the WordPress Float menu plugin to the latest available version (at least 4.3.1).