Pricing Table By Supsystic
by WordPress
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-32790 | Med | 0.28 | 4.3 | 0.00 | May 17, 2024 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Supsystic Pricing Table by Supsystic allows Code Injection.This issue affects Pricing Table by Supsystic: from n/a through 1.9.12. | ||
| CVE-2021-46782 | 0.00 | — | 0.01 | Apr 25, 2022 | The Pricing Table by Supsystic WordPress plugin before 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting | |||
| CVE-2020-9392 | 0.00 | — | 0.02 | Mar 23, 2020 | An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. Because there is no permission check on the ImportJSONTable, createFromTpl, and getJSONExportTable endpoints, unauthenticated users can retrieve pricing table information, create new… | |||
| CVE-2020-9394 | 0.00 | — | 0.01 | Feb 25, 2020 | An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows CSRF. | |||
| CVE-2020-9393 | 0.00 | — | 0.01 | Feb 25, 2020 | An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows XSS. |
- risk 0.28cvss 4.3epss 0.00
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Supsystic Pricing Table by Supsystic allows Code Injection.This issue affects Pricing Table by Supsystic: from n/a through 1.9.12.
- CVE-2021-46782Apr 25, 2022risk 0.00cvss —epss 0.01
The Pricing Table by Supsystic WordPress plugin before 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting
- CVE-2020-9392Mar 23, 2020risk 0.00cvss —epss 0.02
An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. Because there is no permission check on the ImportJSONTable, createFromTpl, and getJSONExportTable endpoints, unauthenticated users can retrieve pricing table information, create new…
- CVE-2020-9394Feb 25, 2020risk 0.00cvss —epss 0.01
An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows CSRF.
- CVE-2020-9393Feb 25, 2020risk 0.00cvss —epss 0.01
An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows XSS.