Vulnerabilities and security researches forrestaurant-reservations restaurant-reservations
Direction: ascendingFive Star Restaurant Reservations – WordPress Booking Plugin # CVE-2021-24965
- CVE, Research URL
- Home page URL
-
Security reports for Five Star Restaurant Reservations – WordPress Booking Plugin
- Date
- Jan 24, 2022
- Research Description
- The Five Star Restaurant Reservations WordPress plugin before 2.4.8 does not have capability and CSRF checks in the rtb_welcome_set_schedule AJAX action, allowing any authenticated users to call it. Due to the lack of sanitisation and escaping, users with a role as low as subscriber could perform Cross-Site Scripting attacks against logged in admins
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Five Star Restaurant Reservations – WordPress Booking Plugin # CVE-2022-0421
- CVE, Research URL
- Home page URL
-
Security reports for Five Star Restaurant Reservations – WordPress Booking Plugin
- Date
- Nov 21, 2022
- Research Description
- The Five Star Restaurant Reservations WordPress plugin before 2.4.12 does not have authorisation when changing whether a payment was successful or failed, allowing unauthenticated users to change the payment status of arbitrary bookings. Furthermore, due to the lack of sanitisation and escaping, attackers could perform Cross-Site Scripting attacks against a logged in admin viewing the failed payments
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Five Star Restaurant Reservations – WordPress Booking Plugin # CVE-2023-34017
- CVE, Research URL
- Home page URL
-
Security reports for Five Star Restaurant Reservations – WordPress Booking Plugin
- Date
- Jul 25, 2023
- Research Description
- Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FiveStarPlugins Five Star Restaurant Reservations plugin <= 2.6.7 versions.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Five Star Restaurant Reservations – WordPress Booking Plugin # CVE-2024-33596
- CVE, Research URL
- Home page URL
-
Security reports for Five Star Restaurant Reservations – WordPress Booking Plugin
- Date
- Apr 29, 2024
- Research Description
- Missing Authorization vulnerability in Five Star Plugins Five Star Restaurant Reservations.This issue affects Five Star Restaurant Reservations: from n/a through 2.6.16.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Five Star Restaurant Reservations – WordPress Booking Plugin # CVE-2025-30861
- CVE, Research URL
- Home page URL
-
Security reports for Five Star Restaurant Reservations – WordPress Booking Plugin
- Date
- Mar 27, 2025
- Research Description
- Missing Authorization vulnerability in Rustaurius Five Star Restaurant Reservations allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Five Star Restaurant Reservations: from n/a through 2.6.29.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable