Vulnerability CVE-2023-0550


Published: 2023-01-27

Description:
The Quick Restaurant Menu plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 2.0.2. During menu item deletion and modification, the plugin does not verify that the post ID supplied to the AJAX action actually refers to a menu item. This makes it possible for authenticated attackers, with subscriber-level access or higher, to modify or delete arbitrary posts.
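The fix the advisory implies is a check that the submitted post ID really is a menu item, plus a per-post capability check, before anything is deleted or modified. The following is an added illustration written for this page, not code from the Quick Restaurant Menu plugin; the post type slug `qrm_menu_item`, the AJAX action name, the nonce name and the `post_id` parameter are assumptions chosen for the example.

```php
<?php
// Added example, not the plugin's own code. The post type slug 'qrm_menu_item',
// the action 'example_delete_menu_item', the nonce 'example_menu_nonce' and the
// 'post_id' request parameter are assumptions for illustration.

// The pattern the advisory describes: the ID from the request is trusted as-is,
// so any logged-in user who can reach the action can delete any post on the site.
function example_delete_menu_item_unchecked() {
    $post_id = absint( $_POST['post_id'] ?? 0 );
    wp_delete_post( $post_id, true );
    wp_send_json_success();
}

// Hardened handler: three independent checks before acting on the ID.
function example_delete_menu_item() {
    // 1. Request integrity: the request must carry a nonce issued for this action
    //    (check_ajax_referer() terminates the request if it is missing or invalid).
    check_ajax_referer( 'example_menu_nonce', 'nonce' );

    $post_id = absint( $_POST['post_id'] ?? 0 );

    // 2. Object type: the ID must refer to a menu item, not to an arbitrary post.
    //    This is the check whose absence produces the IDOR described above.
    if ( ! $post_id || get_post_type( $post_id ) !== 'qrm_menu_item' ) {
        wp_send_json_error( 'not a menu item', 403 ); // wp_send_json_error() calls wp_die()
    }

    // 3. Authorization: the current user must be allowed to delete this particular
    //    post. 'delete_post' is a meta capability resolved per post, so ownership
    //    rules apply and a subscriber fails here for posts that are not theirs.
    if ( ! current_user_can( 'delete_post', $post_id ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    $deleted = wp_delete_post( $post_id, true );
    if ( ! $deleted ) {
        wp_send_json_error( 'delete failed', 500 );
    }
    wp_send_json_success( array( 'deleted' => $post_id ) );
}
add_action( 'wp_ajax_example_delete_menu_item', 'example_delete_menu_item' );
```

The same three checks apply to the modification path: a type check on the target ID, then `current_user_can( 'edit_post', $post_id )` before any update. A useful review heuristic for other AJAX handlers is to look for every `$_POST`/`$_GET` ID that reaches `wp_delete_post()`, `wp_update_post()` or `update_post_meta()` without an intervening `get_post_type()` and `current_user_can()` call on that specific ID.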

See advisories in our WLB2 database:
Topic: WordPress Quick Restaurant 2.0.2 XSS / CSRF / IDOR / Missing Authorization (Med.)
Author: Marco Wotschka
Date: 02.02.2023

Type: CWE-639 (Authorization Bypass Through User-Controlled Key)

References:
https://plugins.trac.wordpress.org/browser/quick-restaurant-menu/tags/2.0.2/includes/admin/ajax-functions.php
https://plugins.trac.wordpress.org/changeset/2851871/quick-restaurant-menu/trunk?contextall=1&old=2788636&old_path=%2Fquick-restaurant-menu%2Ftrunk
https://www.wordfence.com/threat-intel/vulnerabilities/id/faa4fba5-cd19-4b96-aa09-07ed6d52a107

Copyright 2024, cxsecurity.com
