PT-2026-5611 · WordPress · Five Star Restaurant Reservations
Bob Matyas
·
Published
2026-02-02
·
Updated
2026-02-02
·
CVE-2026-0658
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Five Star Restaurant Reservations WordPress plugin versions prior to 2.7.9
Description
The plugin lacks CSRF checks in certain bulk actions. This could allow attackers to make logged-in administrators perform unintended actions, such as deleting bookings, through Cross-Site Request Forgery attacks. The affected actions involve bulk operations performed by administrators.
Recommendations
Update the Five Star Restaurant Reservations WordPress plugin to version 2.7.9 or later.
Exploit
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Five Star Restaurant Reservations