Lucene search
PtsfencePATCHSTACK:BBA8D64FC693DCF271015BB06D70FA24HistoryOct 31, 2022 - 12:00 a.m.
WordPress Restaurant Menu <= 2.3.0 - Missing Authorization on AJAX Actions vulnerability
2022-10-3100:00:00
ptsfence
patchstack.com
6
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Missing Authorization on AJAX Actions vulnerability discovered by ptsfence in WordPress Restaurant Menu (versions <= 2.3.0).
Solution
Update the WordPress Restaurant Menu – Food Ordering System – Table Reservation plugin to the latest available version (at least 2.3.1).
| CPE | Name | Operator | Version |
|---|---|---|---|
| restaurant menu – food ordering system – table reservation | le | 2.3.0 |
Related
wpvulndb
wpvulndb
Restaurant Menu < 2.3.1 - Unauthorised AJAX Calls
2022-10-31 00:00:00
cvelist
cvelist
CVE-2022-2696
2022-11-03 16:29:51
prion
prion
Authorization
2022-11-03 17:15:00
cve
cve
CVE-2022-2696
2022-11-03 17:15:00
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Related for PATCHSTACK:BBA8D64FC693DCF271015BB06D70FA24