Vulnerabilities and security researches formp-restaurant-menu mp-restaurant-menu
Direction: ascendingJun 06, 2024
Restaurant Menu and Food Ordering # CVE-2021-24722
- CVE, Research URL
- Home page URL
- Application
- Date
- Nov 01, 2021
- Research Description
- The Restaurant Menu by MotoPress WordPress plugin before 2.4.2 does not properly sanitize or escape inputs when creating new menu items, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
- Affected versions
-
max 2.4.2.
- Status
-
vulnerable
Apr 02, 2025
Restaurant Menu and Food Ordering # CVE-2025-30846
- CVE, Research URL
- Home page URL
- Application
- Date
- Mar 27, 2025
- Research Description
- Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jetmonsters Restaurant Menu by MotoPress allows PHP Local File Inclusion. This issue affects Restaurant Menu by MotoPress: from n/a through 2.4.4.
- Affected versions
-
max 2.4.5.
- Status
-
vulnerable
Jul 18, 2025
Restaurant Menu and Food Ordering # CVE-2025-54038
- CVE, Research URL
- Home page URL
- Application
- Date
- Jul 16, 2025
- Research Description
- Cross-Site Request Forgery (CSRF) vulnerability in jetmonsters Restaurant Menu by MotoPress allows Cross Site Request Forgery. This issue affects Restaurant Menu by MotoPress: from n/a through 2.4.6.
- Affected versions
-
max 2.4.7.
- Status
-
vulnerable
Jan 10, 2026
Restaurant Menu and Food Ordering # CVE-2025-49914
- CVE, Research URL
- Home page URL
- Application
- Date
- Dec 18, 2025
- Research Description
- Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in jetmonsters Restaurant Menu by MotoPress mp-restaurant-menu allows Retrieve Embedded Sensitive Data.This issue affects Restaurant Menu by MotoPress: from n/a through <= 2.4.7.
- Affected versions
-
max 2.4.7.
- Status
-
vulnerable