Vulnerabilities and security researches forsimple-retail-menus simple-retail-menus

Feb 28, 2026

CVE, Research URL: CVE-2025-69387
Home page URL: Security reports for Simple Retail Menus
Application: Simple Retail Menus
Date: Feb 20, 2026
Research Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in whatwouldjessedo Simple Retail Menus simple-retail-menus allows PHP Local File Inclusion.This issue affects Simple Retail Menus: from n/a through <= 4.2.1.
Affected versions: max 4.2.1.
Status: vulnerable

Jun 07, 2024

CVE, Research URL: CVE-2014-5183
Home page URL: Security reports for Simple Retail Menus
Application: Simple Retail Menus
Date: Aug 07, 2014
Research Description: SQL injection vulnerability in includes/mode-edit.php in the Simple Retail Menus (simple-retail-menus) plugin before 4.1 for WordPress allows remote authenticated editors to execute arbitrary SQL commands via the targetmenu parameter in an edit action to wp-admin/admin.php.
Affected versions: max 4.1.
Status: vulnerable