CVE-2025-13479

Name of the Vulnerable Software and Affected Versions QR Menu versions prior to 21052026

Description An authorization bypass exists due to a user-controlled key, which allows for the exploitation of trusted identifiers. This is an Insecure Direct Object Reference (IDOR), a condition where an application provides direct access to objects based on user-supplied input.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.