cleantalk
Vulnerabilities and Security Researches

Simple Retail Menus, CVE-2025-69387

CVE, Research URL

CVE-2025-69387

Home page URL

Security reports for Simple Retail Menus

Application

Simple Retail Menus

Published on
Feb 20, 2026
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in whatwouldjessedo Simple Retail Menus simple-retail-menus allows PHP Local File Inclusion.This issue affects Simple Retail Menus: from n/a through <= 4.2.1.
Affected versions
max 4.2.1.
Status
vulnerable
Previous vulnerability researches
Simple Archive Generator (CVE-2025-68880) , Feb 27, 2026
Simple Archive Generator (CVE-2025-49346) , Jan 10, 2026
New vulnerability
Event Manager and Tickets Selling Plugin for WooCommerce &#8211; WpEvently &#8211; WordPress Plugin (CVE-2026-24942) , Feb 28, 2026
Event Manager and Tickets Selling Plugin for WooCommerce &#8211; WpEvently &#8211; WordPress Plugin (CVE-2026-23549) , Feb 28, 2026
Event Manager and Tickets Selling Plugin for WooCommerce &#8211; WpEvently &#8211; WordPress Plugin (CVE-2026-24954) , Feb 28, 2026
Library Management System (CVE-2025-12707) , Feb 28, 2026
CM Business Directory Plugin &#8211; Business Listing Directory (CVE-2026-25004) , Feb 28, 2026