CVE-2026-6498 | rustaurius Five Star Restaurant Reservations Plugin up to 2.7.16 on WordPress AJAX valid_payment payment_id data authenticity

A vulnerability categorized as critical has been discovered in rustaurius Five Star Restaurant Reservations Plugin up to 2.7.16 on WordPress. The affected element is the function valid_payment of the component AJAX Handler. Executing a manipulation of the argument payment_id can lead to insufficient verification of data authenticity.

This vulnerability is handled as CVE-2026-6498. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More