CVE-2025-47580

Missing Authorization vulnerability in Rustaurius Front End Users allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Front End Users: from n/a through 3.2.32...

CVE-2025-47580

CVE-2025-47580 (WordPress Front End Users plugin) : A Missing Authorization vulnerability exists in Front End Users up to version 3.2.32 that allows exploitation of misconfigured access control to access restricted information. A patch is available; update to 3.2.35+ (as noted by Patchstack) to r...

PT-2025-21344 · Unknown · Rustaurius Front End Users

Name of the Vulnerable Software and Affected Versions: Rustaurius Front End Users versions 3.2.32 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For versions...

CVE-2025-47466

Cross-Site Request Forgery CSRF vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Cross Site Request Forgery.This issue affects Ultimate WP Mail: from n/a through = 1.3.4...

CVE-2025-47490

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows SQL Injection.This issue affects Ultimate WP Mail: from n/a through = 1.3.4...

CVE-2025-47490

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows SQL Injection.This issue affects Ultimate WP Mail: from n/a through = 1.3.4...

CVE-2025-47466

Cross-Site Request Forgery CSRF vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Cross Site Request Forgery.This issue affects Ultimate WP Mail: from n/a through = 1.3.4...

CVE-2025-47490

CVE-2025-47490 is a WordPress vulnerability in the Ultimate WP Mail plugin (versions up to 1.3.4) causing SQL Injection due to improper neutralization of input in SQL commands. Documented references show the issue affects Ultimate WP Mail

CVE-2025-47490 WordPress Ultimate WP Mail <= 1.3.4 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Rustaurius Ultimate WP Mail allows SQL Injection. This issue affects Ultimate WP Mail: from n/a through 1.3.4...

CVE-2025-47490 WordPress Ultimate WP Mail plugin <= 1.3.4 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows SQL Injection.This issue affects Ultimate WP Mail: from n/a through = 1.3.4...

PT-2025-20097 · WordPress · Rustaurius Ultimate Wp Mail

Name of the Vulnerable Software and Affected Versions: Rustaurius Ultimate WP Mail versions 1.3.4 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. Recommendations: For Rustaurius...

PT-2025-20116 · Unknown · Rustaurius Ultimate Wp Mail

Name of the Vulnerable Software and Affected Versions: Rustaurius Ultimate WP Mail versions 1.3.4 and below Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows unauthorized access and enables...

CVE-2025-32694

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Phishing.This issue affects Ultimate WP Mail: from n/a through = 1.3.10...

CVE-2025-30861

Missing Authorization vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Five Star Restaurant Reservations: from n/a through = 2.6.29...

CVE-2025-30861

CVE-2025-30861 pertains to Five Star Restaurant Reservations (WordPress Booking Plugin) with affected versions up to 2.6.29. The issue is a Missing Authorization vulnerability enabling access-control bypass. CVSSv3.1 metrics in the initial document show: AV:N, AC:L, PR:H, UI:N, S:U, C:N, I:N, A:H...

WordPress plugin Rustaurius Five Star Restaurant Reservations 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2025-26877

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rustaurius Front End Users front-end-only-users allows Stored XSS.This issue affects Front End Users: from n/a through = 3.2.30...

CVE-2025-26877

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rustaurius Front End Users allows Stored XSS. This issue affects Front End Users: from n/a through 3.2.30...

CVE-2025-26877

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rustaurius Front End Users front-end-only-users allows Stored XSS.This issue affects Front End Users: from n/a through = 3.2.30...

CVE-2025-26877 WordPress Front End Users Plugin <= 3.2.30 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rustaurius Front End Users front-end-only-users allows Stored XSS.This issue affects Front End Users: from n/a through = 3.2.30...