PT-2026-5266 · Unknown · Qr Menu Pro+1
Published
2026-01-29
·
Updated
2026-03-09
·
CVE-2025-7013
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
QR Menu Pro Smart Menu Systems Menu Panel versions through 29012026
Description
An authorization bypass exists due to user-controlled key handling in the Menu Panel. This allows exploitation of trusted identifiers. The vendor was contacted regarding this issue but did not respond.
Recommendations
Versions prior to 29012026 should be updated.
Fix
IDOR
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Menu Panel
Qr Menu Pro