CVE-2026-1852

The Product Pricing Table by WooBeWoo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation on the updateLabel and remove functions. This makes it possible for unauthenticated attackers to...

WordPress plugin Product Pricing Table by WooBeWoo 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

EUVD-2020-30215

Malware in sbrugna...

CVE-2024-4102

The Pricing Table plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajax function in all versions up to, and including, 2.0.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform unauthoriz...

CVE-2024-4100

The Pricing Table plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.1. This is due to missing or incorrect nonce validation on the ajax function. This makes it possible for unauthenticated attackers to perform a variety of actions related t...

CVE-2021-46782

The Pricing Table by Supsystic WordPress plugin before 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting...

CVE-2024-13469

The Pricing Table by PickPlugins plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Button Link in all versions up to, and including, 1.12.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-lev...

CVE-2024-13469

CVE-2024-13469 concerns the WordPress plugin Pricing Table by PickPlugins. It enables a Stored Cross-Site Scripting (XSS) via the Button Link in all versions up to and including 1.12.10, caused by insufficient input sanitization and output escaping. The vulnerability requires an attacker with at ...

CVE-2024-13628

The WP Pricing Table WordPress plugin through 1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

WordPress WP Pricing Table plugin <= 1.1 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin WP Pricing Table versions = 1.1...

CVE-2020-9394

An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows CSRF...

CVE-2020-9393

An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows XSS...

WordPress plugin Simple Pricing Table 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

CVE-2024-4100

The Pricing Table plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.1. This is due to missing or incorrect nonce validation on the ajax function. This makes it possible for unauthenticated attackers to perform a variety of actions related t...

CVE-2024-4100

CVE-2024-4100 affects the Pricing Table plugin for WordPress. It is a CSRF vulnerability caused by missing/incorrect nonce validation on the ajax() function in versions up to 2.0.1, allowing unauthenticated attackers to forge requests to perform actions related to pricing tables if a site admin i...

PT-2024-29203 · WordPress · Pricing Table

Name of the Vulnerable Software and Affected Versions: Pricing Table plugin for WordPress versions up to, and including, 2.0.1 Description: The issue arises from a missing capability check on the ajax function, allowing authenticated attackers with subscriber-level access and above to perform...

VulnCheck KEV: CVE-2022-0867

The Pricing Table WordPress plugin before 3.6.1 fails to properly sanitize and escape user supplied POST data before it is being interpolated in an SQL statement and then executed via an AJAX action available to unauthenticated users...

CVE-2022-46855

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WP Darko Responsive Pricing Table plugin = 5.1.6 versions...

PT-2023-15080 · WordPress · Wp Darko Responsive Pricing Table

Name of the Vulnerable Software and Affected Versions: WP Darko Responsive Pricing Table plugin versions 5.1.6 and earlier Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. This vulnerability can be exploited by contributors or users with higher privileges. The...

WordPress plugin Pricing Table SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plug-in. A SQL injection vulnerability exists in versions prior to WordPress Pricing Table s plugin 3.6.1, which stem...