Food Store – Online Food Delivery & Pickup

Vulnerabilities 8Slug food-storeLatest version 1.5.4WordPress.org →

Minimum safe version

1.4.7.5

Update to 1.4.7.5 or later to address 7 fixable vulnerabilities

Latest available1.5.4 ⚠ 1 vulnerability has no fix
High 7.1 Unfixed
2025-01-13≤ 1.5.4

WordPress Food Store plugin <= 1.5.4 - Reflected Cross Site Scripting (XSS) vulnerability

CVEPatchstackWordfence
Medium 6.3
2024-10-16< 1.4

Freemius SDK <= 2.4.2 - Missing Authorization Checks

CVE
N/A
2023-07-18< 1.4.7.5

WordPress Food Store – Online Food Delivery & Pickup Plugin <= 1.4.7.4 is vulnerable to Cross Site Scripting (XSS)

PatchstackWPScanCVE
N/A
< 1.3.7

Food Store &lt; 1.3.7 - Unauthorised AJAX call via CSRF

WPScan
N/A
2021-06-30< 1.3.7

Food Store < 1.3.7 - Cross-Site Request Forgery

Wordfence
N/A
2022-03-04< 1.4

Freemius SDK <= 2.4.2 - Missing Authorization Checks

Wordfence
N/A
2022-02-28< 1.4

WordPress Food Store – Online Food Delivery & Pickup plugin <= 1.3.14 - Sensitive Information Disclosure vulnerability

Patchstack
N/A
2022-02-28< 1.4

WordPress Food Store – Online Food Delivery & Pickup plugin <= 1.3.14 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Patchstack