VYPR

Pricing Table

by Supsystic

CVEs (2)

  • CVE-2020-37243HigMay 16, 2026
    risk 0.53cvss 8.2epss 0.00

    Supsystic Pricing Table 1.8.7 contains an SQL injection vulnerability in the 'sidx' GET parameter that allows unauthenticated attackers to execute arbitrary SQL queries through the getListForTbl action. The plugin also contains stored cross-site scripting vulnerabilities in the…

  • CVE-2024-4100MedJul 9, 2024
    risk 0.34cvss 5.3epss 0.00

    The Pricing Table plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.1. This is due to missing or incorrect nonce validation on the ajax() function. This makes it possible for unauthenticated attackers to perform a variety…