Vulnerabilities and security researches forwp-food wp-food

Apr 14, 2025

CVE, Research URL: CVE-2025-31040
Home page URL: Security reports for WP Food ordering and Restaurant Menu
Application: WP Food ordering and Restaurant Menu
Date: Apr 11, 2025
Research Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound WP Food ordering and Restaurant Menu allows PHP Local File Inclusion. This issue affects WP Food ordering and Restaurant Menu: from n/a through 1.1.
Affected versions: max 1.1.
Status: vulnerable

Mar 30, 2026

CVE, Research URL: CVE-2026-32440
Home page URL: Security reports for WP Food ordering and Restaurant Menu
Application: WP Food ordering and Restaurant Menu
Date: Mar 14, 2026
Research Description: Missing Authorization vulnerability in Ex-Themes WP Food wp-food allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Food: from n/a through < 2.7.1.
Affected versions: max 2.7.1.
Status: vulnerable