Lucene search
K

35 matches found

Cvelist
Cvelist
added 2026/06/25 1:12 p.m.30 views

CVE-2026-54830 WordPress Five Star Restaurant Reservations plugin <= 2.7.19 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Five Star Restaurant Reservations = 2.7.19 versions...

7.5CVSS0.00238EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 1:12 p.m.6 views

CVE-2026-54830

Unauthenticated Broken Access Control in Five Star Restaurant Reservations = 2.7.19 versions...

7.5CVSS5.8AI score0.00238EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/17 2:7 p.m.6 views

WordPress Five Star Restaurant Reservations plugin <= 2.7.19 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Vincent Sevkli in WordPress Plugin Five Star Restaurant Reservations versions = 2.7.19...

7.5CVSS5.8AI score0.00238EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/06/02 10:41 a.m.39 views

CVE-2026-42670 WordPress Five Star Restaurant Reservations plugin <= 2.7.14 - Payment Bypass vulnerability

Missing Authorization vulnerability in Etoile Web Design Incorporated Five Star Restaurant Reservations allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Five Star Restaurant Reservations: from n/a through 2.7.14...

0.00252EPSS
Exploits0References1
CVE
CVE
added 2026/06/02 10:41 a.m.20 views

CVE-2026-42670

CVE-2026-42670 concerns the WordPress plugin for Five Star Restaurant Reservations (versions

7.5CVSS5.8AI score0.00252EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/12 11:29 p.m.8 views

WordPress Five Star Restaurant Reservations plugin <= 2.7.14 - Payment Bypass vulnerability

Payment Bypass vulnerability discovered by Evan in WordPress Plugin Five Star Restaurant Reservations versions = 2.7.14...

5.8AI score0.00252EPSS
Exploits0Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/30 9:29 a.m.4 views

CVE-2026-6498

The Five Star Restaurant Reservations plugin for WordPress is vulnerable to a payment bypass via PHP type juggling in versions up to, and including, 2.7.16 This is due to the validpayment function using a PHP loose comparison == between the attacker-controlled paymentid POST parameter and the...

5.3CVSS5.4AI score0.00185EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.6 views

PT-2026-36086

Name of the Vulnerable Software and Affected Versions Five Star Restaurant Reservations versions prior to 2.7.17 Description A payment bypass exists due to PHP type juggling, which occurs when a loose comparison is used between different data types, potentially leading to unexpected true results...

5.3CVSS5.4AI score0.00185EPSS
Exploits0References10
NVD
NVD
added 2026/03/25 5:16 p.m.5 views

CVE-2026-25327

Missing Authorization vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Five Star Restaurant Reservations: from n/a through = 2.7.9...

6.5CVSS0.00209EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:14 p.m.9 views

CVE-2026-25327

CVE-2026-25327 concerns the WordPress plugin Five Star Restaurant Reservations (restaurant-reservations) with versions up to and including 2.7.9. The issue is a Missing Authorization vulnerability caused by incorrectly configured access control security levels, enabling unauthorized access. Affec...

6.5CVSS5.8AI score0.00209EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.29 views

CVE-2026-25327 WordPress Five Star Restaurant Reservations plugin <= 2.7.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Five Star Restaurant Reservations: from n/a through = 2.7.9...

6.5CVSS0.00209EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.3 views

PT-2026-27899

Name of the Vulnerable Software and Affected Versions Rustaurius Five Star Restaurant Reservations versions through 2.7.9 Description An authorization issue exists in Rustaurius Five Star Restaurant Reservations restaurant-reservations, allowing exploitation due to incorrectly configured access...

6.5CVSS5.9AI score0.00209EPSS
Exploits0References3
NVD
NVD
added 2026/02/02 7:16 a.m.7 views

CVE-2026-0658

The Five Star Restaurant Reservations WordPress plugin before 2.7.9 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting bookings via CSRF attacks...

4.3CVSS0.00133EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/02 6:0 a.m.5 views

EUVD-2026-5124

The Five Star Restaurant Reservations WordPress plugin before 2.7.9 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting bookings via CSRF attacks...

4.3CVSS5.4AI score0.00133EPSS
Exploits0References1
CVE
CVE
added 2026/02/02 6:0 a.m.11 views

CVE-2026-0658

The CVE affects the Five Star Restaurant Reservations WordPress plugin (before 2.7.9). Root cause: missing CSRF protections in some bulk actions, enabling a logged-in admin to perform unintended actions (e.g., deleting bookings) via CSRF. Impact described as potential unauthorized admin actions; ...

4.3CVSS5.9AI score0.00133EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/02 6:0 a.m.33 views

CVE-2026-0658 Five Star Restaurant Reservations < 2.7.9 - Arbitrary Bookings Deletion via CSRF

The Five Star Restaurant Reservations WordPress plugin before 2.7.9 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting bookings via CSRF attacks...

0.00133EPSS
Exploits0References1
NVD
NVD
added 2026/01/05 11:17 a.m.5 views

CVE-2025-68044

Authorization Bypass Through User-Controlled Key vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Five Star Restaurant Reservations: from n/a through = 2.7.4...

8.6CVSS0.00229EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/05 10:40 a.m.29 views

CVE-2025-68044 WordPress Five Star Restaurant Reservations plugin <= 2.7.4 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Five Star Restaurant Reservations: from n/a through = 2.7.4...

8.6CVSS0.00229EPSS
Exploits0References1
CVE
CVE
added 2026/01/05 10:40 a.m.16 views

CVE-2025-68044

CVE-2025-68044 affects Five Star Restaurant Reservations (WordPress Booking Plugin). Affected versions ≤ 2.7.4 expose an unauthenticated IDOR via a user-controlled key, enabling authorization bypass. Reported as Unauthenticated/IDOR with CVSS v3.1 base score 8.6 ( HIGH ); impact per the docs incl...

8.6CVSS5.9AI score0.00229EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/05 10:40 a.m.4 views

CVE-2025-68044 WordPress Five Star Restaurant Reservations plugin <= 2.7.8 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Rustaurius Five Star Restaurant Reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Five Star Restaurant Reservations: from n/a through 2.7.8...

8.6CVSS6.6AI score0.00229EPSS
Exploits0References1
Rows per page
Query Builder