Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:41 a.m.11 views

CVE-2023-0550

The Quick Restaurant Menu plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 2.0.2. This is due to the fact that during menu item deletion/modification, the plugin does not verify that the post ID provided to the AJAX action is indeed a menu...

8.1CVSS6.6AI score0.0065EPSS
Exploits1References1
0day.today
0day.today
added 2023/02/03 12:0 a.m.312 views

WordPress Quick Restaurant 2.0.2 XSS / CSRF / IDOR / Missing Authorization Vulnerabilities

On January 16, 2023, the Wordfence Threat Intelligence team responsibly disclosed several vulnerabilities in Quick Restaurant Menu, a WordPress plugin that allows users to set up restaurant menus on their sites. This plugin is vulnerable to missing authorization, insecure direct object reference,...

7.6CVSS5.5AI score0.0065EPSS
Exploits1
Wordfence Blog
Wordfence Blog
added 2023/02/01 4:7 p.m.38 views

Multiple Vulnerabilities Patched in Quick Restaurant Menu Plugin

On January 16, 2023, the Wordfence Threat Intelligence team responsibly disclosed several vulnerabilities in Quick Restaurant Menu, a WordPress plugin that allows users to set up restaurant menus on their sites. This plugin is vulnerable to Missing Authorization, Insecure Direct Object Reference,...

0.3AI score0.0065EPSS
Exploits1
Patchstack
Patchstack
added 2023/01/30 12:0 a.m.17 views

WordPress Quick Restaurant Menu Plugin <= 2.0.2 is vulnerable to Insecure Direct Object References (IDOR)

Software Quick Restaurant Menu Type Plugin Vulnerable versions = 2.0.2 Fixed in 2.1.0 OWASP Top 10 A5: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-0550 Patch priority Low CVSS severity Low 8.1 Developer Claim ownership PSID 53344b864cc7 Credits Marco...

7.6CVSS6.5AI score0.0065EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/27 8:17 p.m.12 views

CVE-2023-0550 Quick Restaurant Menu <= 2.0.2 - Insecure Direct Object Reference

The Quick Restaurant Menu plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 2.0.2. This is due to the fact that during menu item deletion/modification, the plugin does not verify that the post ID provided to the AJAX action is indeed a menu...

8.1CVSS6.1AI score0.0065EPSS
Exploits1References4
CVE
CVE
added 2023/01/27 8:17 p.m.77 views

CVE-2023-0550

The CVE-2023-0550 entry concerns the Quick Restaurant Menu WordPress plugin (versions

8.1CVSS4.7AI score0.0065EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder