Lucene search
K

30 matches found

Patchstack
Patchstack
added 2024/06/25 12:0 a.m.15 views

WordPress WPCafe Plugin <= 2.2.25 is vulnerable to Local File Inclusion

Software WPCafe Type Plugin Vulnerable versions = 2.2.25 Fixed in 2.2.26 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-5431 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e886268b6378 Credits Krzysztof Zając Required privilege Contributor...

8.8CVSS7.2AI score0.00593EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/05/31 7:15 a.m.24 views

CVE-2024-5427

The WPCafe – Online Food Ordering, Restaurant Menu, Delivery, and Reservations for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Reservation Form shortcode in all versions up to, and including, 2.2.24 due to insufficient input sanitization and outp...

6.4CVSS5.9AI score0.00321EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/05/31 2:38 a.m.4 views

WordPress WPCafe plugin <= 2.2.24 - Authenticated (Contributor+) Stored Cross-Site Scripting via Reservation Form Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Reservation Form Shortcode vulnerability discovered by Krzysztof Zając in WordPress Plugin WPCafe versions = 2.2.24...

6.4CVSS5.8AI score0.00321EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/05/31 12:0 a.m.11 views

PT-2024-36150 · WordPress · Wpcafe

Name of the Vulnerable Software and Affected Versions: WPCafe – Online Food Ordering, Restaurant Menu, Delivery, and Reservations for WooCommerce plugin for WordPress versions up to, and including, 2.2.24 Description: The issue arises from insufficient input sanitization and output escaping on...

6.4CVSS6.5AI score0.00321EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/05/23 1:56 a.m.20 views

CVE-2024-1855 WPCafe <= 2.2.23 - Unauthenticated Blind Server-Side Request Forgery

The WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.23 via the wpccheckforsubmission function. This makes it possible for unauthenticated...

5.3CVSS7AI score0.00436EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/05/23 12:0 a.m.11 views

WordPress WPCafe Plugin <= 2.2.23 is vulnerable to Server Side Request Forgery (SSRF)

Software WPCafe Type Plugin Vulnerable versions = 2.2.23 Fixed in 2.2.24 OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2024-1855 Patch priority Medium CVSS severity Medium 7.2 Developer Claim ownership PSID ae70d23ac201 Credits Lucio Sá Required privilege...

5.3CVSS6.9AI score0.00436EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/05/23 12:0 a.m.5 views

WordPress plugin WPCafe 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.3CVSS6.6AI score0.00436EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/05/22 12:0 a.m.6 views

PT-2024-18365 · WordPress · Wpcafe – Restaurant Menu

Name of the Vulnerable Software and Affected Versions: WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation plugin for WordPress versions up to, and including, 2.2.23 Description: The issue allows unauthenticated attackers to make web requests to...

5.3CVSS7.2AI score0.00436EPSS
Exploits0References8
WPVulnDB
WPVulnDB
added 2023/11/23 12:0 a.m.17 views

WPCafe < 2.2.23 - Missing Authorization

Description The plugin is vulnerable to unauthorized access, modification, or loss of data due to a missing capability check on an unknown function, allowing unauthenticated attackers to make use of the unprotected functionality...

9.4AI score0.0049EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/11/15 12:0 a.m.11 views

WordPress WPCafe Plugin <= 2.2.22 is vulnerable to Broken Access Control

Software WPCafe Type Plugin Vulnerable versions = 2.2.22 Fixed in 2.2.23 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-47805 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID b94e1d5fde71 Credits Abdi Pranata Required privileg...

6.5AI score0.0049EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder