3 matches found
CVE-2023-5340
The CVE-2023-5340 affects the Five Star Restaurant Menu and Food Ordering WordPress plugin prior to version 2.4.11. The issue is unauthenticated deserialization via an AJAX action, enabling PHP Object Injection when a suitable gadget is present on the blog. Remediation: upgrade to version 2.4.11 ...
CVE-2024-5459
CVE-2024-5459 affects the Restaurant Menu and Food Ordering plugin for WordPress. All versions up to 2.4.16 are vulnerable due to missing capability checks on add_section, add_menu, add_menu_item, and add_menu_page, enabling authenticated users with Subscriber-level access and above to create men...
CVE-2023-37985
Technical details beyond the Initial Description are not provided in the connected documents. CVE-2023-37985 is described as a CSRF vulnerability in FiveStarPlugins Restaurant Menu and Food Ordering plugin