cleantalk
Vulnerabilities and Security Researches

Simple Retail Menus, CVE-2025-69387

CVE, Research URL

CVE-2025-69387

Home page URL

Security reports for Simple Retail Menus

Application

Simple Retail Menus

Published on
Feb 20, 2026
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in whatwouldjessedo Simple Retail Menus simple-retail-menus allows PHP Local File Inclusion.This issue affects Simple Retail Menus: from n/a through <= 4.2.1.
Affected versions
max 4.2.1.
Status
vulnerable
Previous vulnerability researches
eDS Responsive Menu (CVE-2025-49971) , Jun 25, 2025
eDS Responsive Menu (CVE-2025-58839) , Sep 07, 2025
eDS Responsive Menu (CVE-2025-68845) , Feb 27, 2026
New vulnerability
Event Manager and Tickets Selling Plugin for WooCommerce &#8211; WpEvently &#8211; WordPress Plugin (CVE-2026-24942) , Feb 28, 2026
Event Manager and Tickets Selling Plugin for WooCommerce &#8211; WpEvently &#8211; WordPress Plugin (CVE-2026-23549) , Feb 28, 2026
Event Manager and Tickets Selling Plugin for WooCommerce &#8211; WpEvently &#8211; WordPress Plugin (CVE-2026-24954) , Feb 28, 2026
Library Management System (CVE-2025-12707) , Feb 28, 2026
CM Business Directory Plugin &#8211; Business Listing Directory (CVE-2026-25004) , Feb 28, 2026