cleantalk
Vulnerabilities and Security Researches

WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation, CVE-2024-43135

CVE, Research URL

CVE-2024-43135

Home page URL

Security reports for WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation

Application

WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation

Published on
Aug 13, 2024
Research Description
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themewinter WPCafe allows PHP Local File Inclusion.This issue affects WPCafe: from n/a through 2.2.28.
Affected versions
Min -, max 2.2.29.
Status
vulnerable
Previous vulnerability researches
WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation (CVE-2023-47805) , Jun 10, 2024
WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation (CVE-2024-5431) , Jun 26, 2024
WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation (90d75c4c6d236cccbf5ce896d3bbbcb54c29f2f7) , Jun 07, 2024
WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation (CVE-2024-1855) , Jun 07, 2024
WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation (CVE-2024-5427) , Jun 07, 2024
New vulnerability
WP Simple Booking Calendar (CVE-2025-39541) , Apr 20, 2025
WordPress Job Board and Recruitment Plugin – JobWP (CVE-2025-2010) , Apr 20, 2025
WP Logger (CVE-2025-39456) , Apr 20, 2025
visualslider Sldier (CVE-2025-23448) , Apr 20, 2025
RSS Manager (CVE-2025-39418) , Apr 20, 2025