Browse all 3 CVE security advisories affecting Five Star Plugins. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Five Star Plugins develops WordPress extensions to enhance website functionality with themes and plugins. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and improper access controls. While no major public security incidents have been documented, the three CVEs on record highlight recurring security gaps in their codebase. Their plugins' broad permissions and integration with WordPress core systems increase potential attack surfaces, making them attractive targets for exploitation. Regular security audits and stricter coding practices would mitigate these risks for users relying on their extensions.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-33596 | WordPress Five Star Restaurant Reservations plugin <= 2.6.16 - Broken Access Control vulnerability — Five Star Restaurant ReservationsCWE-862 | 5.3 | Medium | 2024-04-29 |
| CVE-2024-29089 | WordPress Restaurant Menu and Food Ordering plugin <= 2.4.14 - Cross Site Scripting (XSS) vulnerability — Five Star Restaurant MenuCWE-79 | 6.5 | Medium | 2024-03-19 |
| CVE-2024-24838 | WordPress Five Star Restaurant Reviews Plugin <= 2.3.5 is vulnerable to Cross Site Scripting (XSS) — Five Star Restaurant ReviewsCWE-79 | 6.5 | Medium | 2024-02-05 |
This page lists every published CVE security advisory associated with Five Star Plugins. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.