Fivestarplugins Five Star Restaurant Menu — known CVE vulnerabilities
Every CVE whose affected-product data names Fivestarplugins Five Star Restaurant Menu, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2020-29045 — CVSS 9.8 (critical): The food-and-drink-menu plugin through 2.2.0 for WordPress allows remote attackers to execute arbitrary code because of an unserialize…
CVE-2023-5340 — CVSS 9.8 (critical): The Five Star Restaurant Menu and Food Ordering WordPress plugin before 2.4.11 unserializes user input via an AJAX action available to…
CVE-2023-34017 — CVSS 7.1 (high): Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FiveStarPlugins Five Star Restaurant Reservations plugin <= 2.6.7 versions.
CVE-2024-24838 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Five Star Plugins Five Star…
CVE-2023-37985 — CVSS 4.3 (medium): Cross-Site Request Forgery (CSRF) vulnerability in FiveStarPlugins Restaurant Menu and Food Ordering plugin <= 2.4.6 versions.
CVE-2024-5459 — CVSS 4.3 (medium): The Restaurant Menu and Food Ordering plugin for WordPress is vulnerable to unauthorized creation of data due to a missing capability check…