Lucene search
WPScanCVELIST:CVE-2023-5340HistoryNov 20, 2023 - 6:55 p.m.
CVE-2023-5340 Five Star Restaurant Menu and Food Ordering < 2.4.11 - Unauthenticated PHP Object Injection
2023-11-2018:55:01
WPScan
www.cve.org
five star restaurant
menu and food ordering
wordpress
unauthenticated
php object injection
ajax action
unserialized user input
gadget
cve-2023-5340
The Five Star Restaurant Menu and Food Ordering WordPress plugin before 2.4.11 unserializes user input via an AJAX action available to unauthenticated users, allowing them to perform PHP Object Injection when a suitable gadget is present on the blog.
CNA Affected
[
{
"vendor": "Unknown",
"product": "Five Star Restaurant Menu and Food Ordering",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "2.4.11"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]Related
cve
cve
CVE-2023-5340
2023-11-20 19:15:09
prion
prion
Design/Logic Flaw
2023-11-20 19:15:00
wpexploit
wpexploit
nvd
nvd
CVE-2023-5340
2023-11-20 19:15:09
wpvulndb
wpvulndb