{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-8491", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-08-01T22:03:01.823Z", "datePublished": "2025-08-13T03:42:04.071Z", "dateUpdated": "2026-04-08T17:12:50.840Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:12:50.840Z"}, "affected": [{"vendor": "nikelschubert", "product": "Easy restaurant menu manager", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.0.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Easy restaurant menu manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.2. This is due to missing or incorrect nonce validation on the nsc_eprm_save_menu() function. This makes it possible for unauthenticated attackers to upload a menu file via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "title": "Easy restaurant menu manager <= 2.0.2 - Cross-Site Request Forgery to Menu Upload", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a349b220-5b42-4b98-869f-ce8399fe7ec9?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/easy-pdf-restaurant-menu-upload/tags/2.0.2/class/class-admin-settings-nsc_eprm.php#L95"}, {"url": "https://plugins.trac.wordpress.org/changeset/3338246/easy-pdf-restaurant-menu-upload/trunk/class/class_admin_easy_pdf_restaurant_menu.php"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "cweId": "CWE-352", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Jonas Benjamin Friedli"}], "timeline": [{"time": "2025-05-05T00:00:00.000Z", "lang": "en", "value": "Discovered"}, {"time": "2025-08-01T22:18:30.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-08-12T15:10:56.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-13T14:02:35.304681Z", "id": "CVE-2025-8491", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-13T14:02:40.232Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-8491", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-13T14:02:35.304681Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-13T14:02:37.736Z"}}], "cna": {"title": "Easy restaurant menu manager <= 2.0.2 - Cross-Site Request Forgery to Menu Upload", "credits": [{"lang": "en", "type": "finder", "value": "Jonas Benjamin Friedli"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "nikelschubert", "product": "Easy restaurant menu manager", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "2.0.2"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-05-05T00:00:00.000Z", "value": "Discovered"}, {"lang": "en", "time": "2025-08-01T22:18:30.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-08-12T15:10:56.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a349b220-5b42-4b98-869f-ce8399fe7ec9?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/easy-pdf-restaurant-menu-upload/tags/2.0.2/class/class-admin-settings-nsc_eprm.php#L95"}, {"url": "https://plugins.trac.wordpress.org/changeset/3338246/easy-pdf-restaurant-menu-upload/trunk/class/class_admin_easy_pdf_restaurant_menu.php"}], "descriptions": [{"lang": "en", "value": "The Easy restaurant menu manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.2. This is due to missing or incorrect nonce validation on the nsc_eprm_save_menu() function. This makes it possible for unauthenticated attackers to upload a menu file via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:12:50.840Z"}}}, "cveMetadata": {"cveId": "CVE-2025-8491", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:12:50.840Z", "dateReserved": "2025-08-01T22:03:01.823Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-08-13T03:42:04.071Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Easy restaurant menu manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.2. This is due to missing or incorrect nonce validation on the nsc_eprm_save_menu() function. This makes it possible for unauthenticated attackers to upload a menu file via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}, {"lang": "es", "value": "El complemento Easy Restaurant Menu Manager para WordPress es vulnerable a Cross-Site Request Forgery en todas las versiones hasta la 2.0.2 incluida. Esto se debe a la falta o la validaci\u00f3n incorrecta de nonce en la funci\u00f3n nsc_eprm_save_menu(). Esto permite que atacantes no autenticados carguen un archivo de men\u00fa mediante una solicitud falsificada, ya que pueden enga\u00f1ar al administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace."}], "id": "CVE-2025-8491", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-08-13T04:16:18.773", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/easy-pdf-restaurant-menu-upload/tags/2.0.2/class/class-admin-settings-nsc_eprm.php#L95"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3338246/easy-pdf-restaurant-menu-upload/trunk/class/class_admin_easy_pdf_restaurant_menu.php"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a349b220-5b42-4b98-869f-ce8399fe7ec9?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T19:57:56.562400+00:00", "value": {"mitigation_remediation": ["Upgrade the Easy restaurant menu manager plugin to version 2.0.3 or newer, where nonce validation is correctly implemented.", "If an upgrade cannot be performed immediately, disable the menu upload functionality or restrict it to trusted users until a patch is available.", "Continuously monitor site logs for suspicious upload attempts and verify that only authenticated administrators trigger menu uploads."], "summary": {"action": "Patch", "impact": "Cross-Site Request Forgery enabling unauthorized menu uploads"}, "threat_synthesis": {"affected_systems": "Vendors: nikelschubert. Product: Easy restaurant menu manager plugin for WordPress, versions up to and including 2.0.2 are impacted. Administrators using these populations are vulnerable until they upgrade beyond 2.0.2.", "description_and_impact": "The Easy restaurant menu manager plugin is affected by a CSRF flaw that allows an unauthenticated attacker, who has convinced an administrator to follow a crafted link, to upload a menu file. The missing or incorrect nonce validation in the nsc_eprm_save_menu function means the system trusts the request and processes the file, potentially exposing the site to harmful content or unauthorized changes to the menu.", "risk_and_exploitability": "The CVSS score of 4.3 reflects a moderate severity, while an EPSS score below 1% indicates low likelihood of widespread exploitation at the time of this analysis. The flaw is not listed in the CISA KEV catalog. An attacker can exploit the vulnerability by sending a forged request to the site that a logged\u2011in administrator will automatically process when clicking a link; the query relies on the absence of proper nonce checks."}}}}, "created": "2025-08-13T21:47:03.966266+00:00", "updated": "2026-04-20T20:00:10.529753+00:00", "vendors": ["nikelschubert", "nikelschubert$PRODUCT$easy_restaurant_menu_manager_plugin", "wordpress", "wordpress$PRODUCT$wordpress"]}