The Easy restaurant menu manager plugin for WordPress, developed by nikelschubert, suffers from a Cross-Site Request Forgery (CSRF) vulnerability identified as CVE-2025-8491. This vulnerability exists in all versions up to and including 2.0.2 due to missing or incorrect nonce validation in the nsc_eprm_save_menu() function, which handles menu file uploads. Nonces are security tokens used to verify that requests originate from legitimate users and prevent unauthorized actions. Without proper nonce validation, an attacker can craft a malicious request that, when executed by an authenticated administrator (e.g., by clicking a malicious link), causes the plugin to upload a menu file without the administrator's intent or knowledge. This attack vector requires no authentication by the attacker but does require user interaction from a privileged user. The vulnerability impacts the integrity of the menu data but does not affect confidentiality or availability. The CVSS v3.1 base score is 4.3 (medium), reflecting the ease of exploitation (network vector, low attack complexity) but limited impact scope. No patches or exploits are currently documented, but the risk remains significant for sites using this plugin without mitigation. The vulnerability highlights the importance of nonce validation in WordPress plugins to prevent CSRF attacks.

The primary impact of CVE-2025-8491 is on data integrity within affected WordPress sites using the Easy restaurant menu manager plugin. An attacker can cause unauthorized menu file uploads, potentially injecting malicious content or disrupting normal menu operations. While this does not directly compromise user data confidentiality or site availability, it can lead to misinformation, reputational damage, and potential downstream security issues if malicious files are uploaded. Organizations relying on this plugin for their online restaurant menus may face operational disruptions and loss of customer trust. Since exploitation requires an administrator to be tricked into clicking a link, social engineering is a key component, increasing the risk in environments with less security awareness. The vulnerability could be leveraged as part of a broader attack chain, for example, by uploading files that facilitate further exploitation or phishing campaigns. Overall, the impact is moderate but significant enough to warrant prompt remediation.

To mitigate CVE-2025-8491, organizations should first check for updates or patches from the plugin vendor and apply them immediately once available. In the absence of an official patch, administrators should implement manual nonce validation in the nsc_eprm_save_menu() function to ensure all requests are verified as legitimate. Additionally, restricting administrative access to trusted networks or VPNs can reduce exposure. Employing web application firewalls (WAFs) with rules to detect and block CSRF attempts targeting the plugin's endpoints can provide an additional layer of defense. Educating administrators about the risks of clicking unsolicited links and encouraging the use of multi-factor authentication (MFA) can help mitigate social engineering risks. Regularly auditing plugin usage and monitoring logs for suspicious activity related to menu uploads is recommended. Finally, consider disabling or replacing the plugin if it is not essential or if a secure alternative exists.