CVE Catalog
CVE-2026-57644
HighCVSS 8.5Summary
The Restaurant Menu by MotoPress plugin version 2.4.10 and earlier contains a SQL injection vulnerability exploitable by contributors. An attacker with contributor privileges can inject malicious SQL queries into the database.
Risk Assessment
The risk includes unauthorized access to data, its modification or deletion, which may lead to a breach of confidentiality and integrity of the WordPress database.
Recommendation
It is recommended to immediately update the Restaurant Menu by MotoPress plugin to the latest available version that fixes this vulnerability.
Original NVD description (English source)
Contributor SQL Injection in Restaurant Menu by MotoPress <= 2.4.10 versions.

