Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Rustaurius — Vulnerabilities & Security Advisories 31

Browse all 31 CVE security advisories affecting Rustaurius. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Rustaurius operates as a specialized software component, primarily utilized in embedded systems and IoT devices to provide robust memory safety and concurrency features. Its core utility lies in enabling developers to build high-performance applications while mitigating common low-level memory errors. Historically, vulnerabilities associated with this technology have frequently involved remote code execution and privilege escalation, often stemming from improper input validation or flawed cryptographic implementations. While the component itself is secure by design, integration errors have led to approximately 31 recorded CVEs, highlighting risks in custom implementations rather than the base library. Notable incidents typically involve attackers exploiting weak authentication mechanisms or unpatched dependencies within the surrounding ecosystem. Security audits emphasize the need for rigorous code review and strict adherence to secure coding standards to prevent these historically common exploitation vectors from compromising device integrity.

Top products by Rustaurius: Front End Users Ultimate WP Mail Five Star Restaurant Reservations Ultimate Reviews Order Tracking – WordPress Status Tracking Plugin Five Star Restaurant Reservations – WordPress Booking Plugin Five Star Restaurant Menu and Food Ordering Affiliate AI Lite Ultimate FAQ Order Tracking Ultimate FAQ Accordion Plugin
CVE IDTitleCVSSSeverityPublished
CVE-2026-6498 Five Star Restaurant Reservations <= 2.7.16 - Unauthenticated Payment Bypass via PHP Type Juggling in 'payment_id' Parameter — Five Star Restaurant Reservations – WordPress Booking PluginCWE-345 5.3 Medium2026-04-30
CVE-2026-4336 Ultimate FAQ Accordion Plugin <= 2.4.7 - Authenticated (Author+) Stored Cross-Site Scripting via FAQ Content — Ultimate FAQ Accordion PluginCWE-79 6.4 Medium2026-04-09
CVE-2026-39602 WordPress Order Tracking plugin <= 3.4.3 - Broken Access Control vulnerability — Order TrackingCWE-862 5.3 Medium2026-04-08
CVE-2026-25327 WordPress Five Star Restaurant Reservations plugin <= 2.7.9 - Broken Access Control vulnerability — Five Star Restaurant ReservationsCWE-862 6.5 Medium2026-03-25
CVE-2026-24634 WordPress Ultimate Reviews plugin <= 3.2.16 - Insecure Direct Object References (IDOR) vulnerability — Ultimate ReviewsCWE-639 5.3 Medium2026-01-23
CVE-2025-68044 WordPress Five Star Restaurant Reservations plugin <= 2.7.4 - Insecure Direct Object References (IDOR) vulnerability — Five Star Restaurant ReservationsCWE-639 8.6 High2026-01-05
CVE-2025-68601 WordPress Five Star Restaurant Reservations plugin <= 2.7.8 - Cross Site Request Forgery (CSRF) vulnerability — Five Star Restaurant ReservationsCWE-352 5.4 Medium2025-12-24
CVE-2025-11496 Five Star Restaurant Reservations – WordPress Booking Plugin <= 2.7.5 - Unauthenticated Stored Cross-Site Scripting — Five Star Restaurant Reservations – WordPress Booking PluginCWE-79 6.1 Medium2025-12-21
CVE-2025-67590 WordPress Ultimate FAQ plugin <= 2.4.3 - Cross Site Request Forgery (CSRF) vulnerability — Ultimate FAQCWE-352 4.3 Medium2025-12-09
CVE-2025-11799 Affiliate AI Lite <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Affiliate AI LiteCWE-79 6.4 Medium2025-11-21
CVE-2025-62072 WordPress Front End Users plugin <= 3.2.33 - Broken Access Control vulnerability — Front End UsersCWE-862 4.3 Medium2025-10-22
CVE-2025-53454 WordPress Ultimate WP Mail Plugin <= 1.3.8 - Cross Site Scripting (XSS) Vulnerability — Ultimate WP MailCWE-79 6.5 Medium2025-09-22
CVE-2025-58235 WordPress Front End Users plugin <= 3.2.35 - Cross Site Scripting (XSS) vulnerability — Front End UsersCWE-79 6.5 Medium2025-09-22
CVE-2025-6993 Ultimate WP Mail 1.0.17 - 1.3.6 - Missing Authorization to Authenticated (Contributor+) Privilege Escalation via get_email_log_details Function — Ultimate WP MailCWE-862 7.5 High2025-07-16
CVE-2025-49266 WordPress Ultimate Reviews plugin <= 3.2.14 - Reflected Cross Site Scripting (XSS) vulnerability — Ultimate ReviewsCWE-79 7.1 High2025-06-17
CVE-2025-49288 WordPress Ultimate WP Mail plugin <= 1.3.5 - Account Takeover via Email Log Leak Vulnerability — Ultimate WP MailCWE-862 8.8 High2025-06-06
CVE-2025-47580 WordPress Front End Users plugin <= 3.2.35 - Broken Access Control vulnerability — Front End UsersCWE-862 5.4 Medium2025-05-15
CVE-2025-47490 WordPress Ultimate WP Mail plugin <= 1.3.4 - SQL Injection Vulnerability — Ultimate WP MailCWE-89 8.5 High2025-05-07
CVE-2025-47466 WordPress Ultimate WP Mail plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) Vulnerability — Ultimate WP MailCWE-352 5.4 Medium2025-05-07
CVE-2025-32694 WordPress Ultimate WP Mail plugin <= 1.3.10 - Open Redirection vulnerability — Ultimate WP MailCWE-601 4.7 Medium2025-04-09
CVE-2024-12410 Front End Users <= 3.2.32 - Authenticated (Admin+) SQL injection — Front End UsersCWE-89 4.9 Medium2025-04-02
CVE-2025-2005 Front-End-Only-Users <= 3.2.32 - Unauthenticated Arbitrary File Upload — Front End UsersCWE-434 9.8 Critical2025-04-02
CVE-2025-30861 WordPress Five Star Restaurant Reservations plugin <= 2.6.29 - Broken Access Control vulnerability — Five Star Restaurant ReservationsCWE-862 4.9 Medium2025-03-27
CVE-2025-26877 WordPress Front End Users Plugin <= 3.2.30 - Cross Site Scripting (XSS) vulnerability — Front End UsersCWE-79 6.5 Medium2025-02-25
CVE-2024-13563 Front End Users <= 3.2.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via forgot-password Shortcode — Front End UsersCWE-79 6.4 Medium2025-02-15
CVE-2024-7607 Front End Users <= 3.2.28 - Authenticated (Contributor+) Time-Based SQL Injection — Front End UsersCWE-89 8.8 High2024-08-29
CVE-2024-7606 Front End Users <= 3.2.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Front End UsersCWE-79 6.4 Medium2024-08-29
CVE-2024-5459 Restaurant Menu and Food Ordering <= 2.4.16 - Missing Authorization to Menu Creation — Five Star Restaurant Menu and Food OrderingCWE-862 4.3 Medium2024-06-05
CVE-2023-4471 Order Tracking Pro <= 3.3.6 - Reflected Cross-Site Scripting — Order Tracking – WordPress Status Tracking PluginCWE-79 6.1 Medium2023-08-31
CVE-2023-4500 Order Tracking Pro <= 3.3.6 - Authenticated (Administrator+) Stored Cross-Site Scripting — Order Tracking – WordPress Status Tracking PluginCWE-79 4.7 Medium2023-08-31

This page lists every published CVE security advisory associated with Rustaurius. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.