35 matches found
CVE-2026-54830 WordPress Five Star Restaurant Reservations plugin <= 2.7.19 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Five Star Restaurant Reservations = 2.7.19 versions...
CVE-2026-54830
Unauthenticated Broken Access Control in Five Star Restaurant Reservations = 2.7.19 versions...
WordPress Five Star Restaurant Reservations plugin <= 2.7.19 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Vincent Sevkli in WordPress Plugin Five Star Restaurant Reservations versions = 2.7.19...
CVE-2026-42670 WordPress Five Star Restaurant Reservations plugin <= 2.7.14 - Payment Bypass vulnerability
Missing Authorization vulnerability in Etoile Web Design Incorporated Five Star Restaurant Reservations allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Five Star Restaurant Reservations: from n/a through 2.7.14...
CVE-2026-42670
CVE-2026-42670 concerns the WordPress plugin for Five Star Restaurant Reservations (versions
WordPress Five Star Restaurant Reservations plugin <= 2.7.14 - Payment Bypass vulnerability
Payment Bypass vulnerability discovered by Evan in WordPress Plugin Five Star Restaurant Reservations versions = 2.7.14...
CVE-2026-6498
The Five Star Restaurant Reservations plugin for WordPress is vulnerable to a payment bypass via PHP type juggling in versions up to, and including, 2.7.16 This is due to the validpayment function using a PHP loose comparison == between the attacker-controlled paymentid POST parameter and the...
PT-2026-36086
Name of the Vulnerable Software and Affected Versions Five Star Restaurant Reservations versions prior to 2.7.17 Description A payment bypass exists due to PHP type juggling, which occurs when a loose comparison is used between different data types, potentially leading to unexpected true results...
CVE-2026-25327
Missing Authorization vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Five Star Restaurant Reservations: from n/a through = 2.7.9...
CVE-2026-25327
CVE-2026-25327 concerns the WordPress plugin Five Star Restaurant Reservations (restaurant-reservations) with versions up to and including 2.7.9. The issue is a Missing Authorization vulnerability caused by incorrectly configured access control security levels, enabling unauthorized access. Affec...
CVE-2026-25327 WordPress Five Star Restaurant Reservations plugin <= 2.7.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Five Star Restaurant Reservations: from n/a through = 2.7.9...
PT-2026-27899
Name of the Vulnerable Software and Affected Versions Rustaurius Five Star Restaurant Reservations versions through 2.7.9 Description An authorization issue exists in Rustaurius Five Star Restaurant Reservations restaurant-reservations, allowing exploitation due to incorrectly configured access...
CVE-2026-0658
The Five Star Restaurant Reservations WordPress plugin before 2.7.9 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting bookings via CSRF attacks...
EUVD-2026-5124
The Five Star Restaurant Reservations WordPress plugin before 2.7.9 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting bookings via CSRF attacks...
CVE-2026-0658
The CVE affects the Five Star Restaurant Reservations WordPress plugin (before 2.7.9). Root cause: missing CSRF protections in some bulk actions, enabling a logged-in admin to perform unintended actions (e.g., deleting bookings) via CSRF. Impact described as potential unauthorized admin actions; ...
CVE-2026-0658 Five Star Restaurant Reservations < 2.7.9 - Arbitrary Bookings Deletion via CSRF
The Five Star Restaurant Reservations WordPress plugin before 2.7.9 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting bookings via CSRF attacks...
CVE-2025-68044
Authorization Bypass Through User-Controlled Key vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Five Star Restaurant Reservations: from n/a through = 2.7.4...
CVE-2025-68044 WordPress Five Star Restaurant Reservations plugin <= 2.7.4 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Five Star Restaurant Reservations: from n/a through = 2.7.4...
CVE-2025-68044
CVE-2025-68044 affects Five Star Restaurant Reservations (WordPress Booking Plugin). Affected versions ≤ 2.7.4 expose an unauthenticated IDOR via a user-controlled key, enabling authorization bypass. Reported as Unauthenticated/IDOR with CVSS v3.1 base score 8.6 ( HIGH ); impact per the docs incl...
CVE-2025-68044 WordPress Five Star Restaurant Reservations plugin <= 2.7.8 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Rustaurius Five Star Restaurant Reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Five Star Restaurant Reservations: from n/a through 2.7.8...