94 matches found
WordPress plugin WPCafe security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WPCafe – Online Food Ordering, Restaurant Menu, Delivery, and Reservations for WooCommerce < 2.2.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via Reservation Form Shortcode
Description The WPCafe – Online Food Ordering, Restaurant Menu, Delivery, and Reservations for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Reservation Form shortcode in all versions up to, and including, 2.2.24 due to insufficient input...
WordPress WPCafe plugin <= 2.2.23 - Unauthenticated Blind Server-Side Request Forgery vulnerability
Unauthenticated Blind Server-Side Request Forgery vulnerability discovered by Lucio Sá in WordPress Plugin WPCafe versions = 2.2.23...
CVE-2024-1855
The WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.23 via the wpccheckforsubmission function. This makes it possible for unauthenticated...
CVE-2024-1855
The WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.23 via the wpccheckforsubmission function. This makes it possible for unauthenticated...
CVE-2024-1855
CVE-2024-1855 affects the WPCafe – Online Food Ordering, Restaurant Menu, Delivery and Reservations for WordPress. The vulnerability is a Server-Side Request Forgery (SSRF) in all versions up to 2.2.23, exploitable via the wpc_check_for_submission function. This allows unauthenticated attackers t...
CVE-2024-1855 WPCafe <= 2.2.23 - Unauthenticated Blind Server-Side Request Forgery
The WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.23 via the wpccheckforsubmission function. This makes it possible for unauthenticated...
CVE-2024-1855 WPCafe <= 2.2.23 - Unauthenticated Blind Server-Side Request Forgery
The WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.23 via the wpccheckforsubmission function. This makes it possible for unauthenticated...
WordPress plugin WPCafe 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress WPCafe Plugin <= 2.2.23 is vulnerable to Server Side Request Forgery (SSRF)
Software WPCafe Type Plugin Vulnerable versions = 2.2.23 Fixed in 2.2.24 OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2024-1855 Patch priority Medium CVSS severity Medium 7.2 Developer Claim ownership PSID ae70d23ac201 Credits Lucio Sá Required privilege...
WPCafe < 2.2.24 - Unauthenticated Blind Server-Side Request Forgery
Description The WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.23 via the wpccheckforsubmission function. This makes it possible for...
PT-2024-18365 · WordPress · Wpcafe – Restaurant Menu
Name of the Vulnerable Software and Affected Versions: WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation plugin for WordPress versions up to, and including, 2.2.23 Description: The issue allows unauthenticated attackers to make web requests to...
WPCafe < 2.2.23 - Missing Authorization
Description The plugin is vulnerable to unauthorized access, modification, or loss of data due to a missing capability check on an unknown function, allowing unauthenticated attackers to make use of the unprotected functionality...
WordPress WPCafe Plugin <= 2.2.22 is vulnerable to Broken Access Control
Software WPCafe Type Plugin Vulnerable versions = 2.2.22 Fixed in 2.2.23 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-47805 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID b94e1d5fde71 Credits Abdi Pranata Required privileg...