CVE-2026-54835 Rustaurius CVE debrief

Who should care

Administrators and users of the Five Star Restaurant Menu plugin, version 2.5.2 or earlier, should be aware of this vulnerability. This vulnerability can allow attackers to perform unauthorized actions, potentially leading to security breaches. Users should prioritize updating to a patched version.

Technical summary

CVE-2026-54835 is a HIGH severity vulnerability (CVSS Score: 7.5) caused by Unauthenticated Broken Access Control in the Five Star Restaurant Menu plugin, version 2.5.2 or earlier. The vulnerability has been assigned a CVSS vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N. The CWE associated with this vulnerability is CWE-862. The CVE was published on 2026-06-26 and modified on 2026-06-29.

Defensive priority

High priority should be given to updating the Five Star Restaurant Menu plugin to a patched version. Administrators should ensure that the plugin version is updated as soon as possible to prevent potential security breaches.

Recommended defensive actions

• Update the Five Star Restaurant Menu plugin to a patched version.
• Review and monitor plugin updates and patches.
• Implement additional security measures to detect and prevent unauthorized actions.

Evidence notes

The CVE-2026-54835 vulnerability was reported by Patchstack and recorded in the NVD database. The vulnerability has a HIGH severity score and is caused by Unauthenticated Broken Access Control in the Five Star Restaurant Menu plugin. The CVE record and NVD details provide additional information on this vulnerability.

Official resources