CVE-2025-14112
Stored XSS in Snillrik Restaurant WordPress Plugin Allows Script Injection
Publication date: 2026-01-07
Last updated on: 2026-04-08
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| snillrik | restaurant_menu | to 2.2.1 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Stored Cross-Site Scripting (XSS) issue in the Snillrik Restaurant plugin for WordPress. It occurs via the 'menu_style' shortcode attribute in versions up to 2.2.1 due to insufficient input sanitization and output escaping. Authenticated users with Contributor-level access or higher can inject malicious scripts that execute when other users view the affected pages.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
To detect this vulnerability, you can scan your WordPress installation for the presence of the Snillrik Restaurant Menu plugin version 2.2.1 or earlier. Additionally, look for usage of the shortcode [snillrik_restaurant_menu] with the 'menu_style' attribute, which is vulnerable to stored XSS. Since the vulnerability involves stored scripts injected via the 'menu_style' shortcode attribute, you can search your WordPress database posts and pages for this shortcode containing suspicious or unexpected script tags. For example, you can run SQL queries on the WordPress database to find posts containing the shortcode with potential script injections. Example command (MySQL): SELECT ID, post_title FROM wp_posts WHERE post_content LIKE '%[snillrik_restaurant_menu%menu_style=%<script>%'; Alternatively, use WordPress CLI to search for posts containing the shortcode with suspicious attributes. Also, monitor HTTP requests and responses for unusual script injections or reflected XSS payloads related to this shortcode. However, no specific detection commands are provided in the resources. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include: 1. Update the Snillrik Restaurant Menu plugin to a version later than 2.2.1 where the vulnerability is fixed. 2. Restrict Contributor-level and higher users from adding or editing content with the vulnerable shortcode until patched. 3. Audit existing pages and posts for injected scripts via the 'menu_style' shortcode attribute and remove any malicious content. 4. Implement additional input sanitization and output escaping if you maintain a custom version of the plugin. 5. Consider disabling the vulnerable shortcode temporarily if updating is not immediately possible. These steps help prevent exploitation of the stored XSS vulnerability by limiting the ability to inject malicious scripts and removing existing injections. [1, 2]
How can this vulnerability impact me? :
The vulnerability allows attackers with Contributor-level access to inject arbitrary scripts into pages, which execute when other users access those pages. This can lead to unauthorized actions, data theft, session hijacking, or other malicious activities affecting the website and its users.