PT-2023-16355 · WordPress · Quick Restaurant Menu
Name of the Vulnerable Software and Affected Versions: Quick Restaurant Menu plugin for WordPress versions up to, and including, 2.0.2 Description: The issue arises from Insecure Direct Object Reference, where the plugin fails to verify the post ID provided to the AJAX action during menu item...
Quick Restaurant Menu < 2.1.0 - Subscriber+ Arbitrary Post Deletion/Updating
The plugin does not ensure that the menu to be deleted/updated is actually a menu, and has no authorisation checks in the related AJAX actions, which could allow any authenticated user, such as a subscriber, to delete and update arbitrary posts...
PT-2023-16359 · WordPress · Quick Restaurant Menu
Name of the Vulnerable Software and Affected Versions: The Quick Restaurant Menu plugin for WordPress versions up to, and including, 2.0.2 Description: The issue allows authenticated attackers with subscriber-level permissions and above to bypass authorization and invoke actions intended for...
Login Logout Menu <= 1.3.3 - Contributor+ Stored XSS in Shortcode
The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC: login edittag=' onmouseover="alert1"'...
Intuitive Custom Post Order < 3.1.4 - Subscriber+ Arbitrary Menu Order Update
The plugin does not check for authorization in the update-menu-order AJAX action, allowing any logged-in user with a role as low as Subscriber to update the menu order. PoC: Open the HTML below while logged in as a subscriber...
Intuitive Custom Post Order < 3.1.4 - Arbitrary Menu Order Update via CSRF
The plugin lacks CSRF protection in its update-menu-order AJAX action, allowing an attacker to trick any user into changing the menu order via a CSRF attack...
Intuitive Custom Post Order < 3.1.4 - Subscriber+ Arbitrary Menu Order Update
The plugin does not check for authorization in the update-menu-order AJAX action, allowing any logged-in user with a role as low as Subscriber to update the menu order. Open the HTML below while logged in as a subscriber...
CVE-2022-4625
The Login Logout Menu WordPress plugin before 1.4.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...
CVE-2022-4625
The vulnerability CVE-2022-4625 affects the WordPress plugin Login Logout Menu prior to version 1.4.0. The issue stems from not validating and escaping certain shortcode attributes before outputting them, enabling Stored Cross-Site Scripting that can be triggered by a user with low privileges (as...
CVE-2022-4625 Login Logout Menu < 1.4.0 - Contributor+ Stored XSS in Shortcode
The Login Logout Menu WordPress plugin before 1.4.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...
WordPress plugin Login Logout Menu Cross-Site Scripting Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blogging platform developed in PHP; it supports personal blog sites on PHP and MySQL servers. A WordPress plugin is an application plugin for the platform. A cross-site scripting vulnerability exists...
WordPress Responsive Vertical Icon Menu Plugin <= 1.5.8 is vulnerable to Cross Site Scripting (XSS)
Software: Responsive Vertical Icon Menu · Type: Plugin · Vulnerable versions: <= 1.5.8 · Fixed in: 1.5.9 · OWASP Top 10: A7 Cross-Site Scripting (XSS) · Classification: Cross Site Scripting (XSS) · CVE: CVE-2023-23870 · Patch priority: Low · CVSS severity: Low (5.9) · PSID: 33c1eabeea35 · Credits: Rio...
WordPress Responsive Vertical Icon Menu Plugin <= 1.5.8 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Responsive Vertical Icon Menu · Type: Plugin · Vulnerable versions: <= 1.5.8 · Fixed in: 1.5.9 · OWASP Top 10: A5 Broken Access Control · Classification: Cross Site Request Forgery (CSRF) · CVE: CVE-2023-23983 · Patch priority: Low · CVSS severity: Low (5.4) · PSID: c73c1f99ee57 · Credits: yuyud...
WordPress Bubble Menu – circle floating menu Plugin <= 3.0.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Bubble Menu – circle floating menu · Type: Plugin · Vulnerable versions: <= 3.0.1 · Fixed in: 3.0.2 · OWASP Top 10: A5 Broken Access Control · Classification: Cross Site Request Forgery (CSRF) · CVE: CVE-2023-23984 · Patch priority: Low · CVSS severity: Low (5.4) · PSID: 42453f381852 · Credits...
Bubble Menu - Circle Floating Menu < 3.0.2 - Form Deletion via CSRF
The plugin does not have CSRF checks when deleting forms, which could allow attackers to make logged-in users perform such actions via a CSRF attack...
Online Food Ordering System Arbitrary File Upload Vulnerability (CNVD-2023-06523)
Online Food Ordering System is an online food ordering system. Online Food Ordering System suffers from an arbitrary file upload vulnerability, which stems from a lack of validation of the uploaded file in the file /fos/admin/index.php?page=menu of the component Menu Form, and can be exploited by...
Restaurant Menu < 2.3.6 - Contributor+ Stored XSS via Shortcode
The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC: The exploit requires at least a...
Restaurant Menu < 2.3.6 - Contributor+ Stored XSS via Shortcode
The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. The exploit requires at least a contributor...
CVE-2023-0257
A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /fos/admin/index.php?page=menu of the component Menu Form. The manipulation of the argument Image with the input...