all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

WordPress Quick Restaurant 2.0.2 XSS / CSRF / IDOR / Missing Authorization

Add to bookmarks
Feb. 2, 2023, 4:31 p.m. |

Packet Storm packetstormsecurity.com

On January 16, 2023, the Wordfence Threat Intelligence team responsibly disclosed several vulnerabilities in Quick Restaurant Menu, a WordPress plugin that allows users to set up restaurant menus on their sites. This plugin is vulnerable to missing authorization, insecure direct object reference, cross site request forgery as well as cross site scripting in versions up to, and including, 2.0.2.

authorization cross site scripting csrf forgery idor insecure intelligence january missing object plugin reference request restaurant scripting team threat threat intelligence vulnerabilities vulnerable wordfence wordpress wordpress plugin xss

Visit resource

More from packetstormsecurity.com / Packet Storm

Apache Solr Backup/Restore API Remote Code Execution 16 hours ago | packetstormsecurity.com
11.2 apache apache solr api +17
Ubuntu Security Notice USN-6748-1 16 hours ago | packetstormsecurity.com
attack attacker cross-site issue +9
Ubuntu Security Notice USN-6747-1 16 hours ago | packetstormsecurity.com
arbitrary code attacker code denial of service +16
Ubuntu Security Notice USN-6742-2 16 hours ago | packetstormsecurity.com
attacker authentication bluetooth connections +11
Relate Learning And Teaching System SSTI / Remote Code Execution 16 hours ago | packetstormsecurity.com
batch code code execution exam +13
Nginx 1.25.5 Host Header Validation 16 hours ago | packetstormsecurity.com
bug header host malice +2
Red Hat Security Advisory 2024-2033-03 16 hours ago | packetstormsecurity.com
advisory enterprise libreswan linux +5
Red Hat Security Advisory 2024-2011-03 16 hours ago | packetstormsecurity.com
advisory buffer buffer overflow buffer overflow vulnerability +12
Red Hat Security Advisory 2024-2010-03 16 hours ago | packetstormsecurity.com
advisory components crlf injection denial of service +19

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Level 1 SOC Analyst

@ Telefonica Tech | Dublin, Ireland
View on infosec-jobs.com

Specialist, Database Security

@ OP Financial Group | Helsinki, FI
View on infosec-jobs.com

Senior Manager, Cyber Offensive Security

@ Edwards Lifesciences | Poland-Remote
View on infosec-jobs.com

Information System Security Officer

@ Booz Allen Hamilton | USA, AL, Huntsville (4200 Rideout Rd SW)
View on infosec-jobs.com

Senior Security Analyst - Protective Security (Open to remote across ANZ)

@ Canva | Sydney, Australia
View on infosec-jobs.com
View more jobs