Vulnerabilities and security researches formp-restaurant-menu mp-restaurant-menu

Jul 18, 2025

CVE, Research URL: CVE-2025-54038
Home page URL: Security reports for Restaurant Menu and Food Ordering
Application: Restaurant Menu and Food Ordering
Date: Jul 16, 2025
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in jetmonsters Restaurant Menu by MotoPress allows Cross Site Request Forgery. This issue affects Restaurant Menu by MotoPress: from n/a through 2.4.6.
Affected versions: Min -, max -.
Status: vulnerable

Apr 02, 2025

CVE, Research URL: CVE-2025-30846
Home page URL: Security reports for Restaurant Menu and Food Ordering
Application: Restaurant Menu and Food Ordering
Date: Mar 27, 2025
Research Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jetmonsters Restaurant Menu by MotoPress allows PHP Local File Inclusion. This issue affects Restaurant Menu by MotoPress: from n/a through 2.4.4.
Affected versions: Min -, max -.
Status: vulnerable

Jun 06, 2024

CVE, Research URL: CVE-2021-24722
Home page URL: Security reports for Restaurant Menu and Food Ordering
Application: Restaurant Menu and Food Ordering
Date: Nov 01, 2021
Research Description: The Restaurant Menu by MotoPress WordPress plugin before 2.4.2 does not properly sanitize or escape inputs when creating new menu items, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Affected versions: Min -, max -.
Status: vulnerable