VYPR

Pricing Table Builder

by WordPress

CVEs (3)

  • CVE-2023-0900HigJun 5, 2023
    risk 0.47cvss 7.2epss 0.03

    The Pricing Table Builder WordPress plugin through 1.1.6 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high-privilege users such as admins.

  • CVE-2025-62886HigOct 27, 2025
    risk 0.46cvss 7.1epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Pricing Table builder wpdevart-pricing-table allows Stored XSS.This issue affects Pricing Table builder: from n/a through <= 1.5.3.

  • CVE-2022-0640MedMar 21, 2022
    risk 0.40cvss 6.1epss 0.01

    The Pricing Table Builder WordPress plugin before 1.1.5 does not sanitize and escape the postid parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.