CVEs (6)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Fivestarplugins 1Five Star Restaurant Menu Apr 8, 2026 Jun 5, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The Restaurant Menu and Food Ordering plugin for WordPress is vulnerable to unauthorized creation of data due to a missing capability check on 'add_section', 'add_menu', 'add_menu_item', and 'add_menu_page' functions in...Show more |
1Fivestarplugins 1Five Star Restaurant Menu Apr 28, 2026 Feb 5, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Five Star Plugins Five Star Restaurant Reviews allows Stored XSS.This issue affects Five Star Restaurant Reviews: from...Show more |
1Fivestarplugins 1Five Star Restaurant Menu Nov 21, 2024 Nov 20, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The Five Star Restaurant Menu and Food Ordering WordPress plugin before 2.4.11 unserializes user input via an AJAX action available to unauthenticated users, allowing them to perform PHP Object Injection when a suitable...Show more |
1Fivestarplugins 1Five Star Restaurant Menu Nov 21, 2024 Jul 25, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FiveStarPlugins Five Star Restaurant Reservations plugin <= 2.6.7 versions. |
1Fivestarplugins 1Five Star Restaurant Menu Nov 21, 2024 Jul 17, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in FiveStarPlugins Restaurant Menu and Food Ordering plugin <= 2.4.6 versions. |
1Fivestarplugins 1Five Star Restaurant Menu Nov 21, 2024 Mar 11, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The food-and-drink-menu plugin through 2.2.0 for WordPress allows remote attackers to execute arbitrary code because of an unserialize operation on the fdm_cart cookie in load_cart_from_cookie in includes/class-cart-mana...Show more |