Oracle Restaurant Menu Food Ordering System Table Reservation
By the Year
In 2023 there have been 1 vulnerability in Oracle Restaurant Menu Food Ordering System Table Reservation with an average score of 5.4 out of ten. Last year Restaurant Menu Food Ordering System Table Reservation had 2 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Restaurant Menu Food Ordering System Table Reservation in 2023 could surpass last years number. Last year, the average CVE base score was greater by 2.25
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 1 | 5.40 |
| 2022 | 2 | 7.65 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Restaurant Menu Food Ordering System Table Reservation vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Oracle Restaurant Menu Food Ordering System Table Reservation Security Vulnerabilities
The Restaurant Menu WordPress plugin before 2.3.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could
CVE-2022-4657
5.4 - Medium
- February 06, 2023
The Restaurant Menu WordPress plugin before 2.3.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
XSS
The Restaurant Menu Food Ordering System Table Reservation plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to
CVE-2022-3776
8.8 - High
- November 03, 2022
The Restaurant Menu Food Ordering System Table Reservation plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.3.1. This is due to missing or incorrect nonce validation on several functions called via AJAX actions such as forms_action, set_option, & chosen_options to name a few . This makes it possible for unauthenticated attackers to perform a variety of administrative actions like modifying forms, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Session Riding
The Restaurant Menu Food Ordering System Table Reservation plugin for WordPress is vulnerable to authorization bypass
CVE-2022-2696
6.5 - Medium
- November 03, 2022
The Restaurant Menu Food Ordering System Table Reservation plugin for WordPress is vulnerable to authorization bypass via several AJAX actions in versions up to, and including 2.3.0 due to missing capability checks and missing nonce validation. This makes it possible for authenticated attackers with minimal permissions to perform a wide variety of actions such as modifying the plugin's settings and modifying the ordering system preferences.
AuthZ
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Oracle Restaurant Menu Food Ordering System Table Reservation or by Oracle? Click the Watch button to subscribe.
