Lucene search
K

15 matches found

Patchstack
Patchstack
added 2026/06/11 12:33 p.m.11 views

WordPress Restaurant Cafeteria theme <= 0.4.6 - Subscriber+ Arbitrary Plugin Installation/Activation vulnerability

Subscriber+ Arbitrary Plugin Installation/Activation vulnerability discovered by Khaled Alenazi Nxploited in WordPress Theme Restaurant Cafeteria versions = 0.4.6...

5.4CVSS5.4AI score0.0022EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/03/28 6:30 a.m.5 views

EUVD-2025-209110

The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without nonce or capability checks, allowing any logged-in user, like subscriber, to perform privileged operations. An attacker can install and activate a from a user-supplied URL, leading to arbitrary PHP...

6AI score0.0022EPSS
Exploits0References2
NVD
NVD
added 2026/03/28 6:16 a.m.5 views

CVE-2025-15445

The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without nonce or capability checks, allowing any logged-in user, like subscriber, to perform privileged operations. An attacker can install and activate a from a user-supplied URL, leading to arbitrary PHP...

5.4CVSS0.0022EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/28 6:0 a.m.1 views

CVE-2025-15445 Restaurant Cafeteria <= 0.4.6 - Subscriber+ Arbitrary Plugin Installation/Activation

The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without nonce or capability checks, allowing any logged-in user, like subscriber, to perform privileged operations. An attacker can install and activate a from a user-supplied URL, leading to arbitrary PHP...

6AI score0.0022EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/28 6:0 a.m.4 views

CVE-2025-15445

The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without nonce or capability checks, allowing any logged-in user, like subscriber, to perform privileged operations. An attacker can install and activate a from a user-supplied URL, leading to arbitrary PHP...

5.4CVSS6AI score0.0022EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/28 6:0 a.m.29 views

CVE-2025-15445 Restaurant Cafeteria <= 0.4.6 - Subscriber+ Arbitrary Plugin Installation/Activation

The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without nonce or capability checks, allowing any logged-in user, like subscriber, to perform privileged operations. An attacker can install and activate a from a user-supplied URL, leading to arbitrary PHP...

0.0022EPSS
Exploits0References1
CVE
CVE
added 2026/03/28 6:0 a.m.12 views

CVE-2025-15445

The CVE-2025-15445 entry relates to the WordPress theme Restaurant Cafeteria up to version 0.4.6. The issue is insecure admin-ajax actions that lack nonce or capability checks, enabling any logged-in user (e.g., a subscriber) to perform privileged operations. The documented impact includes arbitr...

5.4CVSS6AI score0.0022EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/28 12:0 a.m.7 views

WordPress plugin Restaurant Cafeteria 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.4CVSS6AI score0.0022EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-4569

Malware in sbrugna...

4.3CVSS6.4AI score0.01285EPSS
Exploits1References7
CNVD
CNVD
added 2020/03/16 12:0 a.m.0 views

SQL Injection Vulnerability in Microcontrol Smart Cafeteria Management System of Shenzhen Microcontrol One Finger Technology Co.

Shenzhen Micro-control One Finger Technology is a value-integrated enterprise that aspires to biometrics technology research as well as applied product development, production, consulting, sales and service. Shenzhen Micro-control One Finger Technology Co., Ltd Micro-control Smart Cafeteria...

7.6AI score
Exploits0
HackRead
HackRead
added 2017/11/06 12:42 p.m.57 views

School cafeteria TV monitor plays porn leaving students baffled

By Carolina A Clayton County, Georgia, high school played pornographic content on its This is a post from HackRead.com Read the original post: School cafeteria TV monitor plays porn leaving students baffled...

6.9AI score
Exploits0
Prion
Prion
added 2007/08/29 1:17 a.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in Easy Software Cafeteria escafeWeb aka Tuigwaa 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to the setting of option.nopage.create in tuigwaa.properties...

4.3CVSS6.3AI score0.01285EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2007/08/29 1:17 a.m.13 views

CVE-2007-4587

Cross-site scripting XSS vulnerability in Easy Software Cafeteria escafeWeb aka Tuigwaa 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to the setting of option.nopage.create in tuigwaa.properties...

4.3CVSS5.8AI score0.01285EPSS
Exploits1References6
Cvelist
Cvelist
added 2007/08/29 1:0 a.m.21 views

CVE-2007-4587

Cross-site scripting XSS vulnerability in Easy Software Cafeteria escafeWeb aka Tuigwaa 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to the setting of option.nopage.create in tuigwaa.properties...

5.8AI score0.01285EPSS
Exploits1References6
CVE
CVE
added 2007/08/29 1:0 a.m.45 views

CVE-2007-4587

Tuigwaa (Easy Software Cafeteria escafeWeb) is affected by CVE-2007-4587. The JVN entry confirms a cross-site scripting (XSS) vulnerability in escafeWeb/Tuigwaa versions 1.0 through 1.0.4, exploitable via unspecified vectors (potentially tied to option.nopage.create in tuigwaa.properties). The im...

4.3CVSS5.9AI score0.01285EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder