36 matches found
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Designful Stylish Price List – Price Table Builder & QR Code Restaurant Menu.This issue affects Stylish Price List – Price Table Builder & QR Code Restaurant Menu: from n/a through 7.0.17...
CVE-2023-51673
CVE-2023-51673 concerns Cross-Site Request Forgery in the Stylish Price List – Price Table Builder & QR Code Restaurant Menu WordPress plugin (affected: from n/a through 7.0.17). The issue is a CSRF flaw (no details on exploit path beyond CSRF) that could enable unauthorized actions by a logged-i...
CVE-2023-51673 WordPress Stylish Price List Plugin <= 7.0.17 is vulnerable to Broken Access Control
Cross-Site Request Forgery CSRF vulnerability in Designful Stylish Price List – Price Table Builder & QR Code Restaurant Menu.This issue affects Stylish Price List – Price Table Builder & QR Code Restaurant Menu: from n/a through 7.0.17...
WordPress WooCommerce Tiered Price Table Plugin <= 3.5.0 is vulnerable to Cross Site Scripting (XSS)
Software WooCommerce Tiered Price Table Type Plugin Vulnerable versions = 3.5.0 Fixed in 3.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 9b5f585c6785 Credits Rafie Muhammad...
WordPress Price Table plugin cross-site scripting vulnerability
WordPress is a set of blogging platform developed by Wordpress Foundation using PHP language. WordPress plugin is a WordPress application plugin. WordPress Price Table plugin version 0.2.2 and earlier versions are vulnerable to cross-site scripting. An attacker could exploit this vulnerability to...
CVE-2022-25604
Authenticated contributor of higher user role Stored Cross-Site Scripting XSS vulnerability discovered in WordPress Price Table plugin versions = 0.2.2...
CVE-2022-25604
Authenticated contributor of higher user role Stored Cross-Site Scripting XSS vulnerability discovered in WordPress Price Table plugin versions = 0.2.2...
CVE-2022-25604
The CVE affects WordPress Price Table plugin versions
CVE-2022-25604 WordPress Price Table plugin <= 0.2.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated contributor of higher user role Stored Cross-Site Scripting XSS vulnerability discovered in WordPress Price Table plugin versions = 0.2.2...
CVE-2022-25604 WordPress Price Table plugin <= 0.2.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated contributor of higher user role Stored Cross-Site Scripting XSS vulnerability discovered in WordPress Price Table plugin versions = 0.2.2...
WordPress plugin Price Table 跨站脚本漏洞
WordPress is a set of blogging platform developed by Wordpress Foundation using PHP language. WordPress plugin is a WordPress application plugin. WordPress Price Table plugin version 0.2.2 and earlier versions are vulnerable to cross-site scripting. An attacker could exploit this vulnerability to...
PT-2022-17398 · WordPress · Wordpress Price Table
Name of the Vulnerable Software and Affected Versions: WordPress Price Table plugin versions = 0.2.2 Description: An Authenticated Stored Cross-Site Scripting XSS issue was found in the WordPress Price Table plugin. This issue allows contributors with a higher user role to inject malicious script...
WordPress WooCommerce Tiered Price Table plugin <= 2.6.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WooCommerce Tiered Price Table plugin versions = 2.6.0. Solution Update the WordPress WooCommerce Tiered Price Table plugin to the latest available version at least 2.6.1...
WordPress WooCommerce Tiered Price Table plugin <= 2.6.0 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress WooCommerce Tiered Price Table plugin versions = 2.6.0. Solution Update the WordPress WooCommerce Tiered Price Table plugin to the latest available version at least 2.6.1...
WordPress Price Table plugin <= 0.2.2 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien in WordPress Price Table plugin versions = 0.2.2. Solution Deactivate and delete. This plugin has been closed as of January 27, 2022 and is not available for download. This closure is temporary, pending a full review...
Elementor Addon Elements < 1.11.2 - Contributor+ Stored XSS
The “Elementor Addon Elements” WordPress Plugin before 1.11.2 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method. The “Flip Box” widget accepts a “fronttitlehtmltag” parameter. Although the element...