Lucene search
K

8 matches found

Patchstack
Patchstack
added 2026/06/11 12:33 p.m.8 views

WordPress Restaurant Cafeteria theme <= 0.4.6 - Subscriber+ Arbitrary Plugin Installation/Activation vulnerability

Subscriber+ Arbitrary Plugin Installation/Activation vulnerability discovered by Khaled Alenazi Nxploited in WordPress Theme Restaurant Cafeteria versions = 0.4.6...

5.4CVSS5.4AI score0.0022EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/03/28 6:30 a.m.5 views

EUVD-2025-209110

The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without nonce or capability checks, allowing any logged-in user, like subscriber, to perform privileged operations. An attacker can install and activate a from a user-supplied URL, leading to arbitrary PHP...

6AI score0.0022EPSS
Exploits0References2
NVD
NVD
added 2026/03/28 6:16 a.m.4 views

CVE-2025-15445

The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without nonce or capability checks, allowing any logged-in user, like subscriber, to perform privileged operations. An attacker can install and activate a from a user-supplied URL, leading to arbitrary PHP...

5.4CVSS0.0022EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/28 6:0 a.m.1 views

CVE-2025-15445 Restaurant Cafeteria <= 0.4.6 - Subscriber+ Arbitrary Plugin Installation/Activation

The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without nonce or capability checks, allowing any logged-in user, like subscriber, to perform privileged operations. An attacker can install and activate a from a user-supplied URL, leading to arbitrary PHP...

6AI score0.0022EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/28 6:0 a.m.4 views

CVE-2025-15445

The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without nonce or capability checks, allowing any logged-in user, like subscriber, to perform privileged operations. An attacker can install and activate a from a user-supplied URL, leading to arbitrary PHP...

5.4CVSS6AI score0.0022EPSS
Exploits0References1
CVE
CVE
added 2026/03/28 6:0 a.m.12 views

CVE-2025-15445

The CVE-2025-15445 entry relates to the WordPress theme Restaurant Cafeteria up to version 0.4.6. The issue is insecure admin-ajax actions that lack nonce or capability checks, enabling any logged-in user (e.g., a subscriber) to perform privileged operations. The documented impact includes arbitr...

5.4CVSS6AI score0.0022EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/28 6:0 a.m.29 views

CVE-2025-15445 Restaurant Cafeteria <= 0.4.6 - Subscriber+ Arbitrary Plugin Installation/Activation

The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without nonce or capability checks, allowing any logged-in user, like subscriber, to perform privileged operations. An attacker can install and activate a from a user-supplied URL, leading to arbitrary PHP...

0.0022EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/28 12:0 a.m.4 views

WordPress plugin Restaurant Cafeteria 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.4CVSS6AI score0.0022EPSS
Exploits0References2
Rows per page
Query Builder