Lucene search
+L

36 matches found

Prion
Prion
added 2024/01/05 10:15 a.m.14 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Designful Stylish Price List – Price Table Builder & QR Code Restaurant Menu.This issue affects Stylish Price List – Price Table Builder & QR Code Restaurant Menu: from n/a through 7.0.17...

7.5CVSS7.4AI score0.00249EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/05 9:54 a.m.44 views

CVE-2023-51673

CVE-2023-51673 concerns Cross-Site Request Forgery in the Stylish Price List – Price Table Builder & QR Code Restaurant Menu WordPress plugin (affected: from n/a through 7.0.17). The issue is a CSRF flaw (no details on exploit path beyond CSRF) that could enable unauthorized actions by a logged-i...

9.8CVSS8.6AI score0.00249EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/05 9:54 a.m.33 views

CVE-2023-51673 WordPress Stylish Price List Plugin <= 7.0.17 is vulnerable to Broken Access Control

Cross-Site Request Forgery CSRF vulnerability in Designful Stylish Price List – Price Table Builder & QR Code Restaurant Menu.This issue affects Stylish Price List – Price Table Builder & QR Code Restaurant Menu: from n/a through 7.0.17...

5.4CVSS9.7AI score0.00249EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/07/19 12:0 a.m.6 views

WordPress WooCommerce Tiered Price Table Plugin <= 3.5.0 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Tiered Price Table Type Plugin Vulnerable versions = 3.5.0 Fixed in 3.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 9b5f585c6785 Credits Rafie Muhammad...

6.1AI score0.00284EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2022/03/22 12:0 a.m.16 views

WordPress Price Table plugin cross-site scripting vulnerability

WordPress is a set of blogging platform developed by Wordpress Foundation using PHP language. WordPress plugin is a WordPress application plugin. WordPress Price Table plugin version 0.2.2 and earlier versions are vulnerable to cross-site scripting. An attacker could exploit this vulnerability to...

5.4CVSS2AI score0.00559EPSS
Exploits0References1
OSV
OSV
added 2022/03/18 6:15 p.m.6 views

CVE-2022-25604

Authenticated contributor of higher user role Stored Cross-Site Scripting XSS vulnerability discovered in WordPress Price Table plugin versions = 0.2.2...

5.4CVSS5.8AI score0.00559EPSS
Exploits0References2
NVD
NVD
added 2022/03/18 6:15 p.m.22 views

CVE-2022-25604

Authenticated contributor of higher user role Stored Cross-Site Scripting XSS vulnerability discovered in WordPress Price Table plugin versions = 0.2.2...

5.4CVSS0.00559EPSS
Exploits0References2
CVE
CVE
added 2022/03/18 6:0 p.m.77 views

CVE-2022-25604

The CVE affects WordPress Price Table plugin versions

5.4CVSS4.6AI score0.00559EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/03/18 6:0 p.m.26 views

CVE-2022-25604 WordPress Price Table plugin <= 0.2.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated contributor of higher user role Stored Cross-Site Scripting XSS vulnerability discovered in WordPress Price Table plugin versions = 0.2.2...

4.1CVSS5.5AI score0.00559EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/03/18 6:0 p.m.7 views

CVE-2022-25604 WordPress Price Table plugin <= 0.2.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated contributor of higher user role Stored Cross-Site Scripting XSS vulnerability discovered in WordPress Price Table plugin versions = 0.2.2...

4.1CVSS4.5AI score0.00559EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/03/18 12:0 a.m.3 views

WordPress plugin Price Table 跨站脚本漏洞

WordPress is a set of blogging platform developed by Wordpress Foundation using PHP language. WordPress plugin is a WordPress application plugin. WordPress Price Table plugin version 0.2.2 and earlier versions are vulnerable to cross-site scripting. An attacker could exploit this vulnerability to...

5.4CVSS4.8AI score0.00559EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/03/18 12:0 a.m.5 views

PT-2022-17398 · WordPress · Wordpress Price Table

Name of the Vulnerable Software and Affected Versions: WordPress Price Table plugin versions = 0.2.2 Description: An Authenticated Stored Cross-Site Scripting XSS issue was found in the WordPress Price Table plugin. This issue allows contributors with a higher user role to inject malicious script...

5.4CVSS5.1AI score0.00559EPSS
Exploits0References4
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.11 views

WordPress WooCommerce Tiered Price Table plugin <= 2.6.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WooCommerce Tiered Price Table plugin versions = 2.6.0. Solution Update the WordPress WooCommerce Tiered Price Table plugin to the latest available version at least 2.6.1...

4.3AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.10 views

WordPress WooCommerce Tiered Price Table plugin <= 2.6.0 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress WooCommerce Tiered Price Table plugin versions = 2.6.0. Solution Update the WordPress WooCommerce Tiered Price Table plugin to the latest available version at least 2.6.1...

2.8AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/01/27 12:0 a.m.22 views

WordPress Price Table plugin <= 0.2.2 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien in WordPress Price Table plugin versions = 0.2.2. Solution Deactivate and delete. This plugin has been closed as of January 27, 2022 and is not available for download. This closure is temporary, pending a full review...

5.4CVSS2.6AI score0.00559EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2021/04/13 12:0 a.m.22 views

Elementor Addon Elements < 1.11.2 - Contributor+ Stored XSS

The “Elementor Addon Elements” WordPress Plugin before 1.11.2 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method. The “Flip Box” widget accepts a “fronttitlehtmltag” parameter. Although the element...

3.5CVSS0.8AI score0.0059EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder