Description
WordPress Plugin Restaurant Menu-Food Ordering System-Table Reservation is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently change plugin�s settings, or modify the ordering system preferences. WordPress Plugin Restaurant Menu-Food Ordering System-Table Reservation version 2.3.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.3.1 or latest
References
https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-2696
https://plugins.svn.wordpress.org/menu-ordering-reservations/trunk/readme.txt
Related Vulnerabilities
Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.15)
WordPress Plugin Allow PHP in Posts and Pages 'id' Parameter SQL Injection (2.0.0.RC1)
WordPress Plugin Events Widgets For Elementor And The Events Calendar Security Bypass (1.4.3)
WordPress Plugin WP Hotel Booking Cross-Site Request Forgery (1.10.1)