Low-risk security vulnerability in themes and plugins

A security vulnerability was disclosed yesterday that effected a large number of the most popular WordPress plugins. After investigating the impact on my own products, I found that several of them are exposed to a low-risk vulnerability and should be updated as soon possible.

You should find update notifications in your WordPress admin panel now. Please update the following products to their latest version:

Restaurant Reservations (v1.4.4)
The Spot (v1.0.4)
Plate Up (v1.1.5)
CafeCultura (v1.3.7)
Food and Drink Menu Pro (v1.3.1)
MailChimp for Restaurant Reservations (v1.1.4)

Why is this a low-risk exposure?

Each of the potential security risks in the products above require access to the admin panel by trusted users. In most cases this is someone with Administrator-level privileges, but in some cases it may be possible for anyone with a user account on the site to make use of the vulnerability.

That means for the vast majority of restaurant websites it would require a disgruntled or malicious employee or tech consultant. Or a trusted, logged-in user to mistakenly click on a malicious URL. You’re not exposed to just any malicious visitor to your site.

What happens if I don’t see the update notifications?

If you’re using one of my commercial products, make sure your license key is valid and up-to-date. For the themes, you’ll find your license key under Appearance > Theme License. Food and Drink Menu Pro’s license page can be found under Menus > Pro License. And the MailChimp addon license can be found under Bookings > Mailchimp License.

If you’re not sure what your license key is, please get in touch. Tell me the product you need your license key for and the email address you used when making the purchase. I’ll resend the license key to that address.

But I made modifications to the theme. How can I update?

I always recommend you use a Child Theme instead of modifying the theme files directly. When using a Child Theme you can still update the base theme without overwriting your changes.

If you’d ever like help learning how to get started with Child Themes, please get in touch.

If you’ve already made too many changes to the base theme and can’t switch to a Child Theme, reach out to me and I can provide selected files you’ll need to update in the base theme. For the most part, the changes should apply to files you haven’t modified.

Call to action box goes here
Need a Plugin to Improve Your Site?
Browse Plugins Now
๐Ÿš€ Smarter SEO and Accessibility for Your Restaurant Website with AI Image Alt Text
๐Ÿš€ Smarter SEO and Accessibility for Your Restaurant Website with AI Image Alt Text

The holiday rush is here โ€” and for restaurants and businesses, that means more visitors, more online orders, and more eyes on your website. To make sure every click counts, our sister company, WP AI Power Tools, has launched something thatโ€™s changing the way WordPress users approach SEO: the AI Image Alt Text plugin. This…

๐ŸŽ„ Prepare for the Holiday Reservations with Five Star Restaurant Reservations
๐ŸŽ„ Prepare for the Holiday Reservations with Five Star Restaurant Reservations

The holiday season is one of the busiest times for restaurants, and managing reservations manually can quickly become overwhelming. Missed bookings, last-minute cancellations, and high guest volumes can hurt both your revenue and your reputation. Thatโ€™s where Five Star Restaurant Reservations comes in โ€” a powerful WordPress plugin designed to simplify booking management while keeping…

๐Ÿ–ค Black Friday 2025: Save 20% on Five Star Plugins!
๐Ÿ–ค Black Friday 2025: Save 20% on Five Star Plugins!

Black Friday is here early at Five Star Plugins! From November 26th to December 1st, 2025, our valued customers can save 20% on any Five Star plugin. Use code BF2025 at checkout and get powerful tools to enhance your site, boost engagement, and streamline management. Whether youโ€™re looking to enhance your site with restaurant reservations,…

Discover More Posts
Browse Plugins Now