Vulnerability Description
The Quick Restaurant Menu plugin for WordPress is vulnerable to Insecure Direct Object Reference (IDOR) in versions up to and including 2.0.2. The AJAX actions that delete or modify a menu item take a post ID from the request but do not verify that the ID actually refers to a menu item post, so any authenticated user with subscriber-level access or higher can submit the ID of an arbitrary post and have it modified or deleted.
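The pattern behind this class of bug, shown as an added illustration rather than the plugin's actual code: a WordPress AJAX handler that accepts a post ID and acts on it after confirming only that the caller is logged in, beside a hardened version that ties the request to a nonce, checks that the ID resolves to the expected post type, and asks WordPress whether this user may act on that specific post. The action names, the `post_id`/`nonce` parameters and the `qrm_menu_item` post type slug are assumptions made for the example.

```php
<?php
// Illustrative WordPress AJAX handlers (example code, not the plugin's own).
// The post type slug 'qrm_menu_item' and the action names are assumptions.

// VULNERABLE PATTERN: the handler trusts the post ID it is given.
// wp_ajax_* hooks only fire for logged-in users, so a subscriber qualifies.
add_action( 'wp_ajax_qrm_delete_item_vulnerable', function () {
    $post_id = isset( $_POST['post_id'] ) ? absint( $_POST['post_id'] ) : 0;

    // No nonce, no check that $post_id is a menu item, no per-post
    // capability check: a subscriber can delete any post, page or product.
    if ( $post_id ) {
        wp_delete_post( $post_id, true );
    }
    wp_send_json_success();
} );

// HARDENED PATTERN: same operation, three checks before it happens.
add_action( 'wp_ajax_qrm_delete_item', function () {
    // 1. CSRF: the request must carry a nonce created with
    //    wp_create_nonce( 'qrm_delete_item' ); check_ajax_referer()
    //    terminates the request on mismatch.
    check_ajax_referer( 'qrm_delete_item', 'nonce' );

    $post_id = isset( $_POST['post_id'] ) ? absint( $_POST['post_id'] ) : 0;
    $post    = $post_id ? get_post( $post_id ) : null;

    // 2. Object-type check: the ID must refer to a menu item. This is the
    //    check whose absence makes the original an IDOR on arbitrary posts.
    if ( ! $post || 'qrm_menu_item' !== $post->post_type ) {
        wp_send_json_error( array( 'message' => 'Not a menu item.' ), 400 );
    }

    // 3. Authorization on the specific object: the 'delete_post' meta
    //    capability is mapped through the post type's capabilities, so a
    //    subscriber fails here even if the ID is a genuine menu item.
    if ( ! current_user_can( 'delete_post', $post_id ) ) {
        wp_send_json_error( array( 'message' => 'Forbidden.' ), 403 );
    }

    wp_delete_post( $post_id, true );
    wp_send_json_success( array( 'deleted' => $post_id ) );
} );
```

The order matters only for error quality, not for safety: each of the three checks terminates the request on failure (`wp_send_json_error()` calls `wp_die()`), so nothing below them runs for a rejected request. The type check alone would have stopped the arbitrary-post case described above; the capability check additionally stops low-privilege users from deleting legitimate menu items they do not own.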
CVSS Score
8.1 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Thingsforrestaurants | Quick Restaurant Menu | < 2.1.0 |
Related Weaknesses (CWE)
References
- https://plugins.trac.wordpress.org/browser/quick-restaurant-menu/tags/2.0.2/incl (Patch, Third Party Advisory)
- https://plugins.trac.wordpress.org/changeset/2851871/quick-restaurant-menu/trunk (Patch, Third Party Advisory)
- https://www.wordfence.com/blog/2023/02/multiple-vulnerabilities-patched-in-quick
- https://www.wordfence.com/threat-intel/vulnerabilities/id/faa4fba5-cd19-4b96-aa0 (Third Party Advisory)
FAQ
What is CVE-2023-0550?
CVE-2023-0550 is an Insecure Direct Object Reference vulnerability in the Quick Restaurant Menu plugin for WordPress, affecting versions up to and including 2.0.2, with a CVSS base score of 8.1 (HIGH). The plugin's AJAX actions for deleting and modifying menu items do not verify that the supplied post ID refers to a menu item, so any authenticated user with subscriber-level access or higher can modify or delete arbitrary posts.
How severe is CVE-2023-0550?
CVE-2023-0550 has been rated HIGH with a CVSS base score of 8.1/10. The rating reflects that exploitation needs only a subscriber-level account, which many WordPress sites hand out through open registration, and that the impact is modification or deletion of any post on the site.
Is there a patch for CVE-2023-0550?
Yes. The fix is in the plugin changeset linked in the references section above, and the affected-products table lists versions below 2.1.0 as affected, so sites should update Quick Restaurant Menu to 2.1.0 or later. Until the update is applied, restricting or disabling open user registration reduces the pool of accounts able to reach the vulnerable AJAX actions.