Vulnerabilities and security researches forwppizza wppizza

Jun 07, 2024

CVE, Research URL: CVE-2013-6837
Home page URL: Security reports for WPPizza – A Restaurant Plugin
Application: WPPizza – A Restaurant Plugin
Date: Dec 19, 2013
Research Description: Cross-site scripting (XSS) vulnerability in the setTimeout function in js/jquery.prettyPhoto.js in prettyPhoto 3.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted PATH_INTO to the default URI.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2023-46622
Home page URL: Security reports for WPPizza – A Restaurant Plugin
Application: WPPizza – A Restaurant Plugin
Date: Oct 31, 2023
Research Description: Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ollybach WPPizza – A Restaurant Plugin plugin <= 3.18.2 versions.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2024-33576
Home page URL: Security reports for WPPizza – A Restaurant Plugin
Application: WPPizza – A Restaurant Plugin
Date: May 07, 2024
Research Description: Missing Authorization vulnerability in Ollybach WPPizza.This issue affects WPPizza: from n/a through 3.18.10.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: 031ee55ed33d6b56ad6010b4bfd418bf365396b4
Home page URL: Security reports for WPPizza – A Restaurant Plugin
Application: WPPizza – A Restaurant Plugin
Date: May 14, 2015
Research Description: WPPizza – A Restaurant Plugin [wppizza] < 2.11.8.18 WordPress WPPizza Plugin <= 2.11.8.0 - Cross Site Scripting Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Update the plugin.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2023-32105
Home page URL: Security reports for WPPizza – A Restaurant Plugin
Application: WPPizza – A Restaurant Plugin
Date: Aug 18, 2023
Research Description: Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ollybach WPPizza – A Restaurant Plugin plugin <= 3.17.1 versions.
Affected versions: Min -, max -.
Status: vulnerable

Jun 22, 2024

CVE, Research URL: CVE-2024-35766
Home page URL: Security reports for WPPizza – A Restaurant Plugin
Application: WPPizza – A Restaurant Plugin
Date: Jun 21, 2024
Research Description: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ollybach WPPizza allows Reflected XSS.This issue affects WPPizza: from n/a through 3.18.13.
Affected versions: Min -, max -.
Status: vulnerable

Feb 27, 2025

CVE, Research URL: CVE-2025-26991
Home page URL: Security reports for WPPizza – A Restaurant Plugin
Application: WPPizza – A Restaurant Plugin
Date: Feb 25, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ollybach WPPizza allows Reflected XSS. This issue affects WPPizza: from n/a through 3.19.4.
Affected versions: Min -, max -.
Status: vulnerable

Aug 23, 2025

CVE, Research URL: CVE-2025-57894
Home page URL: Security reports for WPPizza – A Restaurant Plugin
Application: WPPizza – A Restaurant Plugin
Date: Aug 22, 2025
Research Description: Missing Authorization vulnerability in ollybach WPPizza allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPPizza: from n/a through 3.19.8.
Affected versions: Min -, max -.
Status: vulnerable