CVE-2022-3776 in Table Reservation Plugin

Summary

by MITRE • 11/03/2022

The Restaurant Menu – Food Ordering System – Table Reservation plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.3.1. This is due to missing or incorrect nonce validation on several functions called via AJAX actions such as forms_action, set_option, & chosen_options, to name a few. This makes it possible for unauthenticated attackers to perform a variety of administrative actions, like modifying forms, via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link.


Analysis

by VulDB Data Team • 04/08/2026

CVE-2022-3776 affects the Restaurant Menu - Food Ordering System - Table Reservation plugin for WordPress, a plugin restaurants use to publish digital menus, take food orders and manage table reservations. Versions up to and including 2.3.1 contain a cross-site request forgery (CSRF) flaw. The weakness lies in the plugin's AJAX handling: several actions lack the nonce verification that WordPress relies on to confirm that a state-changing request was deliberately issued by the logged-in user rather than triggered by a page the user happened to visit.

The flaw is the absence of nonce validation on several administrative AJAX actions, including forms_action, set_option and chosen_options. These handlers perform administrative tasks in response to asynchronous requests, but they do not verify the nonce that would tie each request to the current user and to the intended action. A request that a third-party page causes the victim's browser to send arrives with the administrator's session cookies, so WordPress treats it as authenticated; without a nonce, the handler has no way to distinguish a deliberate action from one forged by an attacker-controlled page. This is CWE-352, Cross-Site Request Forgery: the application does not sufficiently verify that a request was intentionally submitted by the user who appears to have sent it.
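The vulnerable pattern and its fix, written out as an added illustration. This is not the plugin's code: only the AJAX action name set_option comes from the advisory, while the callback names, the option-name prefix, the nonce action string and the script handle are assumptions made for the example.

```php
<?php
// Added example, not code from the Restaurant Menu plugin. Two versions of a
// handler for the admin AJAX action "set_option" (name from the advisory);
// rm_* function names, the "rm_" option prefix and the "rm_set_option" nonce
// action are assumptions for illustration.

// --- Vulnerable pattern ----------------------------------------------------
// wp_ajax_{action} fires only for logged-in users, but a browser attaches the
// victim's WordPress session cookies to any request a third-party page makes
// it send. With no nonce check, the handler cannot tell an intended click in
// wp-admin from a forged submission, so the administrator's own browser does
// the attacker's work. A vulnerable plugin would hook it like this:
//   add_action( 'wp_ajax_set_option', 'rm_set_option_vulnerable' );
function rm_set_option_vulnerable() {
    $name  = isset( $_POST['name'] )  ? sanitize_key( $_POST['name'] ) : '';
    $value = isset( $_POST['value'] ) ? sanitize_text_field( wp_unslash( $_POST['value'] ) ) : '';
    update_option( 'rm_' . $name, $value );   // state change, any origin, any role
    wp_send_json_success();
}

// --- Hardened pattern ------------------------------------------------------
// 1. check_ajax_referer() verifies a nonce bound to this action and to the
//    current user's session. A cross-site page cannot read or forge it, so a
//    forged request dies with HTTP 403 before anything is written.
// 2. current_user_can() is still required: the nonce proves intent, not
//    privilege, so a subscriber with a valid nonce must also be refused.
add_action( 'wp_ajax_set_option', 'rm_set_option_hardened' );
function rm_set_option_hardened() {
    check_ajax_referer( 'rm_set_option', 'nonce' );          // CSRF check
    if ( ! current_user_can( 'manage_options' ) ) {          // authorization check
        wp_send_json_error( 'forbidden', 403 );
    }
    $name  = isset( $_POST['name'] )  ? sanitize_key( $_POST['name'] ) : '';
    $value = isset( $_POST['value'] ) ? sanitize_text_field( wp_unslash( $_POST['value'] ) ) : '';
    update_option( 'rm_' . $name, $value );
    wp_send_json_success();
}

// The legitimate admin page obtains the nonce server-side and passes it to its
// JavaScript, which sends it as the "nonce" field of every set_option request.
add_action( 'admin_enqueue_scripts', function () {
    wp_enqueue_script( 'rm-admin', plugins_url( 'admin.js', __FILE__ ), array( 'jquery' ), '1.0', true );
    wp_localize_script( 'rm-admin', 'rmAjax', array(
        'url'   => admin_url( 'admin-ajax.php' ),
        'nonce' => wp_create_nonce( 'rm_set_option' ),
    ) );
} );
```

Two caveats worth keeping in mind when reviewing handlers like these. First, admin-ajax.php dispatches an action regardless of HTTP method, so a handler that reads from $_REQUEST is reachable by a plain link; browsers' default SameSite=Lax treatment blocks cookies on cross-site POSTs but still sends them on top-level GET navigations, which is why "clicking on a link" suffices in the advisory. Second, check_ajax_referer() and current_user_can() answer different questions, and a handler that has only one of them is still wrong: the nonce check without a capability check leaves privilege escalation by low-privilege users, and the capability check without a nonce leaves exactly the CSRF described here.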

In operational terms, an attacker who holds no credentials and no session token of their own can still cause administrative actions to be performed, because the victim's browser supplies the session. By luring a logged-in administrator to a malicious link or to a page under the attacker's control, the attacker can modify form configurations, change plugin options, or exercise any of the other affected handlers. The attack depends on social engineering: the administrator must follow the link or visit the page while logged in, and the forged request runs only with that administrator's privileges. For sites that run their ordering and reservation business on the plugin, the result can be corrupted configuration, disrupted service, or unauthorized changes to menus and reservation forms.

The consequences extend beyond the individual setting that is changed: an attacker who can rewrite forms and options can interfere with the ordering and reservation workflow that a restaurant depends on for revenue, so the business impact can exceed what the technical severity alone suggests. The root cause is a missing request-intent check, not a missing input filter: every state-changing handler needs both a nonce check, which shows the request came from a page the site itself served to this user, and a capability check, which shows the user is allowed to perform the action. Sites using the plugin should update to a release later than 2.3.1; until that is possible, temporarily deactivating the plugin removes the exposed handlers, and a web application firewall rule that rejects admin-ajax.php requests whose Origin or Referer header does not match the site blocks the forged cross-site requests. Note that IP-based restrictions on wp-admin do not help here, because the forged request originates from the administrator's own browser. The case also illustrates why security reviews of WordPress plugins should enumerate every wp_ajax_ and wp_ajax_nopriv_ hook and confirm that each state-changing callback verifies both a nonce and a capability.

Responsible

Wordfence

Reservation

10/31/2022

Disclosure

11/03/2022

Moderation

accepted

CPE

ready

EPSS

0.00482

KEV

no

Activities

very low
