Skip to main content

Wpcafe Restaurant Menu Online Food Ordering Table Booking System

1 CVEs product

Monthly

CVE-2026-11818 MEDIUM This Month

Authorization bypass in the WPCafe WordPress plugin (all versions through 3.0.14) allows any authenticated subscriber-level user to fully manage email notification flow workflows that are intended to be administrator-only. The FlowAPI REST endpoints bundled within the plugin's email notification SDK rely solely on a wp_rest nonce for access control - a token freely obtainable from the frontend page source by any logged-in user - completely bypassing role-based authorization. No public exploit or active exploitation has been identified at time of analysis, though the low exploitation complexity makes this a realistic risk on sites with open user registration.

Authentication Bypass WordPress Wpcafe Restaurant Menu Online Food Ordering Table Booking System
NVD
CVSS 3.1
5.4
EPSS
0.3%
EPSS 0% CVSS 5.4
MEDIUM This Month

Authorization bypass in the WPCafe WordPress plugin (all versions through 3.0.14) allows any authenticated subscriber-level user to fully manage email notification flow workflows that are intended to be administrator-only. The FlowAPI REST endpoints bundled within the plugin's email notification SDK rely solely on a wp_rest nonce for access control - a token freely obtainable from the frontend page source by any logged-in user - completely bypassing role-based authorization. No public exploit or active exploitation has been identified at time of analysis, though the low exploitation complexity makes this a realistic risk on sites with open user registration.

Authentication Bypass WordPress Wpcafe Restaurant Menu Online Food Ordering Table Booking System
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy