CVE-2025-9209 Scanner

RestroPress is a popular online food ordering system used by WordPress websites, primarily by restaurants and food businesses to facilitate online order taking. It is favored for its user-friendly interface and efficient order management process. Many small and medium-sized businesses prefer using this plugin due to its seamless integration with WordPress and various payment gateways. Users can place orders through an easy-to-use menu interface, making it convenient for customers and staff alike. Installed as a WordPress plugin, RestroPress is an extension enhancing the existing capabilities of WordPress-powered sites. It plays a vital role in a business's online presence, impacting sales and customer engagement.

The authentication bypass vulnerability discovered in RestroPress allows unauthorized attackers to gain access to user accounts. By exploiting this issue, malicious users can forge JWT tokens, posing as valid users. This potentially grants them access to sensitive user information and control over accounts, including administrator accounts. The vulnerability is significantly relevant because it does not require prior authentication, making it easier for attackers to exploit. This security loophole affects versions from 3.0.0 to 3.2.1, where exposures occur due to improper handling of user tokens and API data. Special focus is required to handle this issue to prevent misuse and data breaches.

The technical details of the authentication bypass exploit revolve around the exposure of user tokens via the /wp-json/wp/v2/users endpoint. This improper token handling allows attackers to create malicious JWT tokens. Tools checking the endpoint can expose how the vulnerability occurs when no proper authentication measures secure token generation and validation processes. In practice, attackers can exploit this by sending requests that result in them acquiring unauthorized tokens used to access other users' data. The endpoint essentially leaks API data creating a dangerous path for malicious intrusions. Version checks reaffirm its impact range and highlight where fixes should be proactively applied.

If exploited, this vulnerability can have severe repercussions, including unauthorized access to sensitive data and complete account takeovers. Attackers can use the forged JWT tokens to authenticate as users, enabling potential breaches into user accounts, including those with administrative privileges. This could lead to data sabotage, site defacement, unauthorized transactions, and full-scale identity theft. Further issues could include data integrity challenges, loss of customer trust, and potential legal consequences for businesses. Consequently, protecting systems against this vulnerability should be a high-priority concern for affected users.

REFERENCES

• https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/restropress/restropress-online-food-ordering-system-300-3192-unauthenticated-information-exposure-to-authentication-bypass-via-forged-jwt
• https://nvd.nist.gov/vuln/detail/CVE-2025-9209