How to fix CVE-2025-7014?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Is Menu Panel affected by CVE-2025-7014?

Organizations using Session Fixation vulnerability in QR Menu Pro Smart Menu Systems Menu Panel should be aware of moderate risk from CVE-2025-7014 rated CVSS 5.7. Exploitation could compromise the security of affected deployments.

CVE-2025-7014

MEDIUM

2026-01-29 [email protected]

Information Disclosure Menu Panel

5.7

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:00 vuln.today

CVE Published

Jan 29, 2026 - 14:16 nvd

MEDIUM 5.7

DescriptionNVD

Session Fixation vulnerability in QR Menu Pro Smart Menu Systems Menu Panel allows Session Hijacking.This issue affects Menu Panel: through 29012026.

NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Session Fixation vulnerability in QR Menu Pro Smart Menu Systems Menu Panel allows Session Hijacking.This issue affects Menu Panel: through 29012026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. [CVSS 5.7 MEDIUM]

Technical ContextAI

Classified as CWE-384 (Session Fixation). Affects Menu Panel. Session Fixation vulnerability in QR Menu Pro Smart Menu Systems Menu Panel allows Session Hijacking.This issue affects Menu Panel: through 29012026.

NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

RemediationAI

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

CVE-2025-7014 vulnerability details – vuln.today

Back