VYPR
Unrated severityNVD Advisory· Published Mar 23, 2020· Updated Aug 4, 2024

CVE-2020-9392

CVE-2020-9392

Description

An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. Because there is no permission check on the ImportJSONTable, createFromTpl, and getJSONExportTable endpoints, unauthenticated users can retrieve pricing table information, create new tables, or import/modify a table.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.