Lucene search
K

23 matches found

Nuclei
Nuclei
added 17 hours ago62 views

WordPress Easy Pricing Tables <3.2.1 - Cross-Site Scripting

WordPress Easy Pricing Tables plugin before 3.2.1 contains a reflected cross-site scripting vulnerability. It does not sanitize and escape a parameter before reflecting it back in a page available to any user both authenticated and unauthenticated when a specific setting is enabled. id:...

6.1CVSS6.4AI score0.01388EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2024/11/06 12:0 a.m.8 views

PT-2024-38938 · WordPress · Easy Pricing Tables

Name of the Vulnerable Software and Affected Versions: Easy Pricing Tables plugin for WordPress versions up to, and including, 3.2.6 Description: The issue is related to Stored Cross-Site Scripting via the fontFamily attribute due to insufficient input sanitization and output escaping. This allow...

6.4CVSS6.1AI score0.00321EPSS
Exploits0References10
CNNVD
CNNVD
added 2024/11/06 12:0 a.m.6 views

WordPress plugin Easy Pricing Tables 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS7.6AI score0.00321EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/11/05 11:34 p.m.6 views

WordPress Easy Pricing Tables plugin <= 3.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Francesco Carlucci in WordPress Plugin Easy Pricing Tables versions = 3.2.6...

6.4CVSS5.7AI score0.00321EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/05 12:0 a.m.14 views

WordPress Easy Pricing Tables Plugin <= 3.2.6 is vulnerable to Cross Site Scripting (XSS)

Software Easy Pricing Tables Type Plugin Vulnerable versions = 3.2.6 Fixed in 3.2.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8323 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 255a8654742f Credits Francesco Carlucci...

6.4CVSS5.7AI score0.00321EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/30 5:32 a.m.9 views

CVE-2024-8871 Pricing Tables WordPress Plugin – Easy Pricing Tables <= 3.2.5 - Reflected Cross-Site Scripting

The Pricing Tables WordPress Plugin – Easy Pricing Tables plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.2.5. This makes it possible for unauthenticated attackers to...

6.1CVSS6.4AI score0.00355EPSS
Exploits0References3
CVE
CVE
added 2024/10/30 5:32 a.m.44 views

CVE-2024-8871

CVE-2024-8871 affects the Pricing Tables WordPress Plugin – Easy Pricing Tables. The vulnerability is a Reflected Cross‑Site Scripting flaw caused by using add_query_arg without proper escaping, present in all versions up to 3.2.5. It allows unauthenticated attackers to inject scripts into pages ...

6.1CVSS6AI score0.00355EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/10/29 8:33 p.m.7 views

WordPress Pricing Tables WordPress Plugin – Easy Pricing Tables plugin <= 3.2.5 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Easy Pricing Tables versions = 3.2.5...

6.1CVSS6.3AI score0.00355EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/29 12:0 a.m.7 views

WordPress Easy Pricing Tables Plugin <= 3.2.5 is vulnerable to Cross Site Scripting (XSS)

Software Easy Pricing Tables Type Plugin Vulnerable versions = 3.2.5 Fixed in 3.2.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8871 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 642ead38dfc7 Credits vgo0 Required...

6.1CVSS5.6AI score0.00355EPSS
Exploits0References3Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/04 12:0 a.m.21 views

Pricing Tables WordPress Plugin – Easy Pricing Tables < 3.2.3 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. PoC Note: Enable compatibility mode by going to the settings of the plugins. Exploit shortcode: easy-pricing-toggle...

5.4CVSS3.2AI score0.00471EPSS
Exploits2Affected Software1
Patchstack
Patchstack
added 2023/01/04 12:0 a.m.12 views

WordPress Easy Pricing Tables Plugin < 3.2.3 is vulnerable to Cross Site Scripting (XSS)

Software Easy Pricing Tables Type Plugin Vulnerable versions 3.2.3 Fixed in 3.2.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4654 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 544b1a3a176c Credits István Márton...

5.4CVSS5.6AI score0.00471EPSS
Exploits2References3Affected Software1
wpexploit
wpexploit
added 2023/01/04 12:0 a.m.154 views

Pricing Tables WordPress Plugin – Easy Pricing Tables < 3.2.3 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. Note: Enable compatibility mode by going to the settings of the plugins. Exploit shortcode: easy-pricing-toggle...

5.4CVSS0.00471EPSS
Exploits2
CNVD
CNVD
added 2022/06/09 12:0 a.m.20 views

WordPress Fatcat Apps Easy Pricing Tables plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Fatcat Apps Easy Pricing Tables plugin 3.1.2 and earlier versions contain a cross-site...

4.8CVSS2.2AI score0.00528EPSS
Exploits0References1
OSV
OSV
added 2022/06/02 2:15 p.m.4 views

CVE-2021-36866

Authenticated author or higher role Stored Cross-Site Scripting XSS vulnerability in Fatcat Apps Easy Pricing Tables plugin = 3.1.2 at WordPress...

4.8CVSS5.8AI score0.00528EPSS
Exploits0References2
Prion
Prion
added 2022/06/02 2:15 p.m.19 views

Cross site scripting

Authenticated author or higher role Stored Cross-Site Scripting XSS vulnerability in Fatcat Apps Easy Pricing Tables plugin = 3.1.2 at WordPress...

3.5CVSS4.9AI score0.00528EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.8 views

WordPress plugin Fatcat Apps Easy Pricing Tables 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Fatcat Apps Easy Pricing Tables plugin 3.1.2 and earlier versions contain a cross-site...

4.8CVSS5.2AI score0.00528EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/05/31 7:24 p.m.12 views

CVE-2021-36866 WordPress Easy Pricing Tables plugin <= 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated author or higher role Stored Cross-Site Scripting XSS vulnerability in Fatcat Apps Easy Pricing Tables plugin = 3.1.2 at WordPress...

4.8CVSS4.8AI score0.00528EPSS
Exploits0References2
CVE
CVE
added 2022/05/31 7:24 p.m.87 views

CVE-2021-36866

Summary: CVE-2021-36866 affects the Fatcat Apps Easy Pricing Tables WordPress plugin up to version 3.1.2. The vulnerability is an authenticated Stored Cross-Site Scripting (XSS) flaw caused by insufficient sanitization/escaping of inputs in the plugin, enabling an authenticated user (author or hi...

4.8CVSS4.8AI score0.00528EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/05/31 7:24 p.m.29 views

CVE-2021-36866 WordPress Easy Pricing Tables plugin <= 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated author or higher role Stored Cross-Site Scripting XSS vulnerability in Fatcat Apps Easy Pricing Tables plugin = 3.1.2 at WordPress...

4.8CVSS5.1AI score0.00528EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2022/05/31 12:0 a.m.12 views

Easy Pricing Tables < 3.2.1 - Reflected Cross-Site-Scripting

The plugin does not sanitise and escape parameter before outputting it back in a page available to any user both authenticated and unauthenticated when a specific setting is enabled, leading to a Reflected Cross-Site Scripting PoC With the "Compatibility Mode"...

6.1CVSS0.2AI score0.01388EPSS
Exploits2Affected Software1
Rows per page
Query Builder