2 matches found
CVE-2025-8491
The Easy restaurant menu manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.2. This is due to missing or incorrect nonce validation on the nsceprmsavemenu function. This makes it possible for unauthenticated attackers to upload a men...
WordPress Easy restaurant menu manager plugin <= 2.0.2 - Cross-Site Request Forgery to Menu Upload vulnerability
Cross-Site Request Forgery to Menu Upload vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Easy pdf restaurant menu upload versions = 2.0.2...