15 matches found
WordPress Restaurant Cafeteria theme <= 0.4.6 - Subscriber+ Arbitrary Plugin Installation/Activation vulnerability
Subscriber+ Arbitrary Plugin Installation/Activation vulnerability discovered by Khaled Alenazi Nxploited in WordPress Theme Restaurant Cafeteria versions = 0.4.6...
EUVD-2025-209110
The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without nonce or capability checks, allowing any logged-in user, like subscriber, to perform privileged operations. An attacker can install and activate a from a user-supplied URL, leading to arbitrary PHP...
CVE-2025-15445
The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without nonce or capability checks, allowing any logged-in user, like subscriber, to perform privileged operations. An attacker can install and activate a from a user-supplied URL, leading to arbitrary PHP...
CVE-2025-15445 Restaurant Cafeteria <= 0.4.6 - Subscriber+ Arbitrary Plugin Installation/Activation
The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without nonce or capability checks, allowing any logged-in user, like subscriber, to perform privileged operations. An attacker can install and activate a from a user-supplied URL, leading to arbitrary PHP...
CVE-2025-15445
The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without nonce or capability checks, allowing any logged-in user, like subscriber, to perform privileged operations. An attacker can install and activate a from a user-supplied URL, leading to arbitrary PHP...
CVE-2025-15445 Restaurant Cafeteria <= 0.4.6 - Subscriber+ Arbitrary Plugin Installation/Activation
The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without nonce or capability checks, allowing any logged-in user, like subscriber, to perform privileged operations. An attacker can install and activate a from a user-supplied URL, leading to arbitrary PHP...
CVE-2025-15445
The CVE-2025-15445 entry relates to the WordPress theme Restaurant Cafeteria up to version 0.4.6. The issue is insecure admin-ajax actions that lack nonce or capability checks, enabling any logged-in user (e.g., a subscriber) to perform privileged operations. The documented impact includes arbitr...
WordPress plugin Restaurant Cafeteria 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
EUVD-2007-4569
Malware in sbrugna...
SQL Injection Vulnerability in Microcontrol Smart Cafeteria Management System of Shenzhen Microcontrol One Finger Technology Co.
Shenzhen Micro-control One Finger Technology is a value-integrated enterprise that aspires to biometrics technology research as well as applied product development, production, consulting, sales and service. Shenzhen Micro-control One Finger Technology Co., Ltd Micro-control Smart Cafeteria...
School cafeteria TV monitor plays porn leaving students baffled
By Carolina A Clayton County, Georgia, high school played pornographic content on its This is a post from HackRead.com Read the original post: School cafeteria TV monitor plays porn leaving students baffled...
Cross site scripting
Cross-site scripting XSS vulnerability in Easy Software Cafeteria escafeWeb aka Tuigwaa 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to the setting of option.nopage.create in tuigwaa.properties...
CVE-2007-4587
Cross-site scripting XSS vulnerability in Easy Software Cafeteria escafeWeb aka Tuigwaa 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to the setting of option.nopage.create in tuigwaa.properties...
CVE-2007-4587
Cross-site scripting XSS vulnerability in Easy Software Cafeteria escafeWeb aka Tuigwaa 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to the setting of option.nopage.create in tuigwaa.properties...
CVE-2007-4587
Tuigwaa (Easy Software Cafeteria escafeWeb) is affected by CVE-2007-4587. The JVN entry confirms a cross-site scripting (XSS) vulnerability in escafeWeb/Tuigwaa versions 1.0 through 1.0.4, exploitable via unspecified vectors (potentially tied to option.nopage.create in tuigwaa.properties). The im...