Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in WP Food Manager – WordPress Restaurant Menu Plugin 1.0.3

  • Severity: medium-risk
  • Status: Fixed
  • Publication: July 17, 2023

The WP Food Manager plugin is vulnerable to a type of attack known as Stored Cross-Site Scripting when using versions up to 1.0.3. This type of attack allows someone with administrator-level access to inject malicious scripts into a website. When a user visits the page with the malicious code, the code can take control of the user’s actions on the page, or even steal personal information. This type of attack is only possible if the website is a multi-site installation or if a special type of security, known as unfiltered_html, has been disabled.

Detected in:

WP Food Manager – Restaurant Menu & Online Food Ordering for WooCommerce – Food Delivery & Pickup – Table Reservation fixed vulnerable versions:
WP Food Manager – WordPress Restaurant Menu Plugin fixed vulnerable versions: >= * <= 1.0.3

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.