CVE Catalog

CVE-2026-54835

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.24%

15th percentile — higher than 15% of all known CVEs

Summary

The Five Star Restaurant Menu plugin version 2.5.2 and earlier contains a vulnerability allowing unauthenticated attackers to bypass access controls. This flaw enables unauthorized access to administrative functions without requiring authentication.

Risk Assessment

The organization is at risk of unauthorized modification of restaurant menus, data theft, or plugin takeover by an external attacker. This could lead to loss of data integrity and breach of information confidentiality.

Recommendation

Immediately update the Five Star Restaurant Menu plugin to the latest available version that fixes this vulnerability. If an update is not possible, consider temporarily disabling the plugin until a patch is applied.

Original NVD description (English source)

Unauthenticated Broken Access Control in Five Star Restaurant Menu <= 2.5.2 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS