WP-Safety

GASTROFIX Menu Plugin Security & Risk Analysis

wordpress.org/plugins/vendomat-gastrofix-menu

Präsentieren Sie ausgewählte Produkte aus der GASTROFIX Kasse direkt auf Ihrer Internet Präsenz. Present selected pdoructs from the GASTROFIX cash re …

0 active installs v1.0.1 PHP + WP + Updated Jun 12, 2020
digital-menugastrofixmenuboard
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is GASTROFIX Menu Plugin Safe to Use in 2026?

Generally Safe

Score 85/100

GASTROFIX Menu Plugin has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago
Risk Assessment

The 'vendomat-gastrofix-menu' plugin v1.0.1 presents a mixed security posture. On the positive side, it shows good practices in SQL query handling with 100% prepared statements and a focus on capability checks. The absence of known CVEs and common vulnerability types in its history suggests a relatively stable and secure past, indicating potential developer attention to security. However, significant concerns arise from the static analysis. The presence of two AJAX handlers without authentication checks creates a substantial attack surface accessible to any logged-in user, which could be exploited if these handlers are vulnerable to cross-site scripting or other injection attacks. Additionally, the taint analysis revealed one flow with unsanitized paths, and although marked as low severity, it warrants attention as it could potentially lead to path traversal or file inclusion vulnerabilities. The moderate rate of properly escaped output (57%) also suggests a risk of cross-site scripting vulnerabilities in less critical areas.

Key Concerns

  • Unprotected AJAX handlers
  • Flow with unsanitized paths (low severity)
  • Moderate output escaping percentage
Vulnerabilities
None known

GASTROFIX Menu Plugin Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

GASTROFIX Menu Plugin Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
20
26 escaped
Nonce Checks
1
Capability Checks
4
File Operations
5
External Requests
5
Bundled Libraries
1

Bundled Libraries

DataTables

Output Escaping

57% escaped46 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

3 flows1 with unsanitized paths
<requestAccessToken> (extensions\requests\requestAccessToken.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

GASTROFIX Menu Plugin Attack Surface

Entry Points3
Unprotected2

AJAX Handlers 2

authwp_ajax_gastrofix_menu_send_requestvendomat-gastrofix-menu.php:29
noprivwp_ajax_gastrofix_menu_send_requestvendomat-gastrofix-menu.php:30

Shortcodes 1

[gf_menucard] shortcodes.php:7
WordPress Hooks 3
actionadmin_enqueue_scriptsvendomat-gastrofix-menu.php:20
actionadmin_menuvendomat-gastrofix-menu.php:23
actionadmin_initvendomat-gastrofix-menu.php:26
Maintenance & Trust

GASTROFIX Menu Plugin Maintenance & Trust

Maintenance Signals

WordPress version tested5.2.24
Last updatedJun 12, 2020
PHP min version
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

GASTROFIX Menu Plugin Alternatives

MenuMaster – Interactive Mobile-First Restaurant Menu Plugin for WooCommerce

MenuMaster – Interactive Mobile-First Restaurant Menu Plugin for WooCommerce

menumaster-restaurant-menu

A
100

Create mobile-friendly restaurant menus that are easy for customers to access by scanning a QR code. Custom tags and filters make navigation simple, h &hellip;

60 No CVEs
QRMenu Restaurant QR Menu Lite

QRMenu Restaurant QR Menu Lite

qrmenu-lite

B
77

QRMenu Lite is an advanced online menu tool for restaurants and other food establishments to manage digital menus right on your websites.

30 1 unpatched
wMenu Digital Menu and Restaurant Ordering

wMenu Digital Menu and Restaurant Ordering

wmenu-digital-menu-and-restaurant-ordering

A
85

wMenu is restaurant Menu and Ordering plugin. wMenu helps site builders to add restaurant Menu, Wine and Drink list into any WordPress theme.

10 No CVEs
MenuMax – Digital Restaurant Menus

MenuMax – Digital Restaurant Menus

menumax-digital-restaurant-menus

A
100

Create stunning, mobile-responsive digital restaurant menus with drag-and-drop builder, WooCommerce integration, and multi-currency support.

0 No CVEs
Developer Profile

GASTROFIX Menu Plugin Developer Profile

vendomat

1 plugin · 0 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect GASTROFIX Menu Plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/vendomat-gastrofix-menu/stylesheets/jquery.dataTables.min.css/wp-content/plugins/vendomat-gastrofix-menu/javascripts/jquery.dataTables.min.js/wp-content/plugins/vendomat-gastrofix-menu/javascripts/general_functions.js/wp-content/plugins/vendomat-gastrofix-menu/javascripts/classes/wpTabs.js/wp-content/plugins/vendomat-gastrofix-menu/javascripts/modules/gastrofix_loader.js/wp-content/plugins/vendomat-gastrofix-menu/javascripts/main.js/wp-content/plugins/vendomat-gastrofix-menu/stylesheets/scaffolds.css/wp-content/plugins/vendomat-gastrofix-menu/javascripts/masonry.pkgd.js+2 more
Script Paths
/wp-content/plugins/vendomat-gastrofix-menu/javascripts/general_functions.js/wp-content/plugins/vendomat-gastrofix-menu/javascripts/classes/wpTabs.js/wp-content/plugins/vendomat-gastrofix-menu/javascripts/modules/gastrofix_loader.js/wp-content/plugins/vendomat-gastrofix-menu/javascripts/main.js/wp-content/plugins/vendomat-gastrofix-menu/javascripts/masonry.pkgd.js/wp-content/plugins/vendomat-gastrofix-menu/templates/template.js

HTML / DOM Fingerprints

CSS Classes
vendomat_menucarditem_containeritemitem_textitem_imgitem_price
JS Globals
gf_optionajax_object
Shortcode Output
<div class="vendomat_menucard">
FAQ

Frequently Asked Questions about GASTROFIX Menu Plugin