CVE-2025-7013

Published: Jan 29, 2026Modified: Mar 9, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Authorization Bypass Through User-Controlled Key vulnerability in QR Menu Pro Smart Menu Systems Menu Panel allows Exploitation of Trusted Identifiers.This issue affects Menu Panel: through 29012026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Affected (1)

Products: Qrmenumpro: Menu Panel

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Qrmenumpro Menu Panel	Up to 29012026

Related CWEs

Authorization Bypass Through User-Controlled Key

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

References (1)

https://www.usom.gov.tr/bildirim/tr-26-0007

Source: iletisim@usom.gov.tr

Third Party Advisory

Timeline

No history available yet.