Vulnerabilities > Oracle > Restaurant Menu Food Ordering System Table Reservation > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-08-24	CVE-2023-32516	Cross-site Scripting vulnerability in Oracle Restaurant Menu - Food Ordering System - Table Reservation Unauth. network low complexity oracle CWE-79	6.1
2023-02-06	CVE-2022-4657	Unspecified vulnerability in Oracle Restaurant Menu - Food Ordering System - Table Reservation The Restaurant Menu WordPress plugin before 2.3.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks network low complexity oracle	5.4
2022-11-03	CVE-2022-2696	Unspecified vulnerability in Oracle Restaurant Menu - Food Ordering System - Table Reservation The Restaurant Menu – Food Ordering System – Table Reservation plugin for WordPress is vulnerable to authorization bypass via several AJAX actions in versions up to, and including 2.3.0 due to missing capability checks and missing nonce validation. network low complexity oracle	6.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.