9.8 High
AI Score
Confidence
High
0.013 Low
EPSS
Percentile
86.1%
The food-and-drink-menu plugin through 2.2.0 for WordPress allows remote attackers to execute arbitrary code because of an unserialize operation on the fdm_cart cookie in load_cart_from_cookie in includes/class-cart-manager.php.
appcheck-ng.com/cve-2020-29045/
wordpress.org/plugins/food-and-drink-menu/#developers