
Rustaurius — Vulnerabilities & Security Advisories (30)

Browse all 30 CVE security advisories affecting Rustaurius. AI-powered Chinese analysis, POCs, and references for each vulnerability.

| CVE ID | Title | Product | CWE | CVSS | Severity | Date |
|---|---|---|---|---|---|---|
| CVE-2026-4336 | Ultimate FAQ Accordion Plugin <= 2.4.7 - Authenticated (Author+) Stored Cross-Site Scripting via FAQ Content | Ultimate FAQ Accordion Plugin | CWE-79 | 6.4 | Medium | 2026-04-09 |
| CVE-2026-39602 | WordPress Order Tracking plugin <= 3.4.3 - Broken Access Control vulnerability | Order Tracking | CWE-862 | 8.1 (AI) | High (AI) | 2026-04-08 |
| CVE-2026-25327 | WordPress Five Star Restaurant Reservations plugin <= 2.7.9 - Broken Access Control vulnerability | Five Star Restaurant Reservations | CWE-862 | 8.1 | - | 2026-03-25 |
| CVE-2026-24634 | WordPress Ultimate Reviews plugin <= 3.2.16 - Insecure Direct Object References (IDOR) vulnerability | Ultimate Reviews | CWE-639 | 8.1 | - | 2026-01-23 |
| CVE-2025-68044 | WordPress Five Star Restaurant Reservations plugin <= 2.7.4 - Insecure Direct Object References (IDOR) vulnerability | Five Star Restaurant Reservations | CWE-639 | 8.6 | High | 2026-01-05 |
| CVE-2025-68601 | WordPress Five Star Restaurant Reservations plugin <= 2.7.8 - Cross Site Request Forgery (CSRF) vulnerability | Five Star Restaurant Reservations | CWE-352 | 5.4 | Medium | 2025-12-24 |
| CVE-2025-11496 | Five Star Restaurant Reservations – WordPress Booking Plugin <= 2.7.5 - Unauthenticated Stored Cross-Site Scripting | Five Star Restaurant Reservations – WordPress Booking Plugin | CWE-79 | 6.1 | Medium | 2025-12-21 |
| CVE-2025-67590 | WordPress Ultimate FAQ plugin <= 2.4.3 - Cross Site Request Forgery (CSRF) vulnerability | Ultimate FAQ | CWE-352 | 4.3 | Medium | 2025-12-09 |
| CVE-2025-11799 | Affiliate AI Lite <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | Affiliate AI Lite | CWE-79 | 6.4 | Medium | 2025-11-21 |
| CVE-2025-62072 | WordPress Front End Users plugin <= 3.2.33 - Broken Access Control vulnerability | Front End Users | CWE-862 | 4.3 | Medium | 2025-10-22 |
| CVE-2025-53454 | WordPress Ultimate WP Mail Plugin <= 1.3.8 - Cross Site Scripting (XSS) Vulnerability | Ultimate WP Mail | CWE-79 | 6.5 | Medium | 2025-09-22 |
| CVE-2025-58235 | WordPress Front End Users plugin <= 3.2.35 - Cross Site Scripting (XSS) vulnerability | Front End Users | CWE-79 | 6.5 | Medium | 2025-09-22 |
| CVE-2025-6993 | Ultimate WP Mail 1.0.17 - 1.3.6 - Missing Authorization to Authenticated (Contributor+) Privilege Escalation via get_email_log_details Function | Ultimate WP Mail | CWE-862 | 7.5 | High | 2025-07-16 |
| CVE-2025-49266 | WordPress Ultimate Reviews plugin <= 3.2.14 - Reflected Cross Site Scripting (XSS) vulnerability | Ultimate Reviews | CWE-79 | 7.1 | High | 2025-06-17 |
| CVE-2025-49288 | WordPress Ultimate WP Mail plugin <= 1.3.5 - Account Takeover via Email Log Leak Vulnerability | Ultimate WP Mail | CWE-862 | 8.8 | High | 2025-06-06 |
| CVE-2025-47580 | WordPress Front End Users plugin <= 3.2.35 - Broken Access Control vulnerability | Front End Users | CWE-862 | 5.4 | Medium | 2025-05-15 |
| CVE-2025-47490 | WordPress Ultimate WP Mail plugin <= 1.3.4 - SQL Injection Vulnerability | Ultimate WP Mail | CWE-89 | 8.5 | High | 2025-05-07 |
| CVE-2025-47466 | WordPress Ultimate WP Mail plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) Vulnerability | Ultimate WP Mail | CWE-352 | 5.4 | Medium | 2025-05-07 |
| CVE-2025-32694 | WordPress Ultimate WP Mail plugin <= 1.3.10 - Open Redirection vulnerability | Ultimate WP Mail | CWE-601 | 4.7 | Medium | 2025-04-09 |
| CVE-2024-12410 | Front End Users <= 3.2.32 - Authenticated (Admin+) SQL injection | Front End Users | CWE-89 | 4.9 | Medium | 2025-04-02 |
| CVE-2025-2005 | Front-End-Only-Users <= 3.2.32 - Unauthenticated Arbitrary File Upload | Front End Users | CWE-434 | 9.8 | Critical | 2025-04-02 |
| CVE-2025-30861 | WordPress Five Star Restaurant Reservations plugin <= 2.6.29 - Broken Access Control vulnerability | Five Star Restaurant Reservations | CWE-862 | 4.9 | Medium | 2025-03-27 |
| CVE-2025-26877 | WordPress Front End Users Plugin <= 3.2.30 - Cross Site Scripting (XSS) vulnerability | Front End Users | CWE-79 | 6.5 | Medium | 2025-02-25 |
| CVE-2024-13563 | Front End Users <= 3.2.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via forgot-password Shortcode | Front End Users | CWE-79 | 6.4 | Medium | 2025-02-15 |
| CVE-2024-7607 | Front End Users <= 3.2.28 - Authenticated (Contributor+) Time-Based SQL Injection | Front End Users | CWE-89 | 8.8 | High | 2024-08-29 |
| CVE-2024-7606 | Front End Users <= 3.2.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | Front End Users | CWE-79 | 6.4 | Medium | 2024-08-29 |
| CVE-2024-5459 | Restaurant Menu and Food Ordering <= 2.4.16 - Missing Authorization to Menu Creation | Five Star Restaurant Menu and Food Ordering | CWE-862 | 4.3 | Medium | 2024-06-05 |
| CVE-2023-4471 | Order Tracking Pro <= 3.3.6 - Reflected Cross-Site Scripting | Order Tracking – WordPress Status Tracking Plugin | CWE-79 | 6.1 | Medium | 2023-08-31 |
| CVE-2023-4500 | Order Tracking Pro <= 3.3.6 - Authenticated (Administrator+) Stored Cross-Site Scripting | Order Tracking – WordPress Status Tracking Plugin | CWE-79 | 4.7 | Medium | 2023-08-31 |
| CVE-2020-36726 | Ultimate Reviews < 2.1.33 - PHP Object Injection | Ultimate Reviews | CWE-502 | 9.8 | Critical | 2023-06-07 |

This page lists every published CVE security advisory associated with Rustaurius. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.