CVE-2026-32440

Missing Authorization vulnerability in Ex-Themes WP Food wp-food allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Food: from n/a through 2.7.1...

PT-2026-25286

CVE-2026-32440 Missing Authorization vulnerability in Ex-Themes WP Food wp-food allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Food https://t.co/EuPvcAK01C...

WordPress plugin WP Food 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

EUVD-2025-10796

Malicious code in bioql PyPI...

CVE-2025-31040

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Exthemes WP Food ordering and Restaurant Menu wp-food allows PHP Local File Inclusion.This issue affects WP Food ordering and Restaurant Menu: from n/a through = 2.7...

CVE-2025-31040

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Exthemes WP Food ordering and Restaurant Menu wp-food allows PHP Local File Inclusion.This issue affects WP Food ordering and Restaurant Menu: from n/a through = 2.7...

CVE-2025-31040

CVE-2025-31040 is an unauthenticated Local File Inclusion in the WordPress plugin “WP Food ordering and Restaurant Menu” (versions up to 1.1). The root cause is improper handling of filenames in PHP include/require, enabling LFI. The Wordfence vulnerability entry notes the flaw in WP Food orderin...

CVE-2025-31040 WordPress WP Food ordering and Restaurant Menu plugin <= 2.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Exthemes WP Food ordering and Restaurant Menu wp-food allows PHP Local File Inclusion.This issue affects WP Food ordering and Restaurant Menu: from n/a through = 2.7...

PT-2025-16044 · WordPress · Wp Food Ordering/Restaurant Menu

Name of the Vulnerable Software and Affected Versions: WP Food ordering and Restaurant Menu versions 1.1 and earlier Description: The issue is related to an improper control of filename for include/require statement in PHP program, also known as PHP Remote File Inclusion, which allows PHP Local...

CVE-2023-0604

The WP Food Manager WordPress plugin before 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-0604

CVE-2023-0604 : The WP Food Manager WordPress plugin (versions before 1.0.4) does not sanitize/escape certain settings, enabling Stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (e.g., multisite). The evidence from connected advisories confirms the vulnera...