Lucene search
K

14 matches found

Cvelist
Cvelist
added 2026/05/16 3:25 p.m.42 views

CVE-2020-37243 WordPress Plugin Supsystic Pricing Table 1.8.7 SQL Injection XSS

Supsystic Pricing Table 1.8.7 contains an SQL injection vulnerability in the 'sidx' GET parameter that allows unauthenticated attackers to execute arbitrary SQL queries through the getListForTbl action. The plugin also contains stored cross-site scripting vulnerabilities in the 'Edit name' and...

8.8CVSS0.00276EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/16 3:25 p.m.12 views

CVE-2020-37243

Supsystic Pricing Table 1.8.7 contains an SQL injection vulnerability in the 'sidx' GET parameter that allows unauthenticated attackers to execute arbitrary SQL queries through the getListForTbl action. The plugin also contains stored cross-site scripting vulnerabilities in the 'Edit name' and...

8.8CVSS6AI score0.00276EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/16 3:25 p.m.12 views

CVE-2020-37243

Affected product: WordPress plugin Supsystic Pricing Table 1.8.7. Vulnerabilities: SQL injection in the GET parameter ‘sidx’ via the getListForTbl action; stored cross-site scripting in the ‘Edit name’ and ‘Edit HTML’ fields that execute scripts when viewing pricing tables. Impact: unauthenticate...

8.8CVSS6AI score0.00276EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/16 3:25 p.m.7 views

CVE-2020-37243 WordPress Plugin Supsystic Pricing Table 1.8.7 SQL Injection XSS

Supsystic Pricing Table 1.8.7 contains an SQL injection vulnerability in the 'sidx' GET parameter that allows unauthenticated attackers to execute arbitrary SQL queries through the getListForTbl action. The plugin also contains stored cross-site scripting vulnerabilities in the 'Edit name' and...

8.8CVSS6AI score0.00276EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/16 12:0 a.m.10 views

WordPress plugin Supsystic Pricing Table SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.8CVSS6AI score0.00276EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/16 12:0 a.m.20 views

PT-2026-41443

Supsystic Pricing Table 1.8.7 contains an SQL injection vulnerability in the 'sidx' GET parameter that allows unauthenticated attackers to execute arbitrary SQL queries through the getListForTbl action. The plugin also contains stored cross-site scripting vulnerabilities in the 'Edit name' and...

8.8CVSS6AI score0.00276EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-30576

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.00346EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:37 a.m.17 views

CVE-2024-32790

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Supsystic Pricing Table by Supsystic allows Code Injection.This issue affects Pricing Table by Supsystic: from n/a through 1.9.12...

4.3CVSS6.8AI score0.00346EPSS
Exploits0References1
NVD
NVD
added 2024/05/17 9:15 a.m.22 views

CVE-2024-32790

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Supsystic Pricing Table by Supsystic allows Code Injection.This issue affects Pricing Table by Supsystic: from n/a through 1.9.12...

4.3CVSS4.7AI score0.00346EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/04/25 4:16 p.m.5 views

CVE-2021-46782

The Pricing Table by Supsystic WordPress plugin before 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.3AI score0.00788EPSS
Exploits1References2
wpexploit
wpexploit
added 2021/02/08 12:0 a.m.180 views

Pricing Table by Supsystic < 1.9.0 - Authenticated Stored Cross-Site Scripting

The label and datahtml POST parameter are not properly sanitised and escaped before being saved and output back in the page, leading to stored Cross-Site Scripting issues v alert1alert1 instead of the one above v 1.9.0, the edit HTML feature was removed client side but a crafted request could sti...

6.4AI score
Exploits0References1
Exploit DB
Exploit DB
added 2021/02/08 12:0 a.m.411 views

WordPress Plugin Supsystic Pricing Table 1.8.7 - Multiple Vulnerabilities

Exploit Title: WordPress Plugin Supsystic Pricing Table 1.8.7 - Multiple Vulnerabilities Date: 24/07/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/pricing-table-by-supsystic.1.8.7.zip Version: 1.8.7 and 1.8.6...

7.4AI score
Exploits0
OSV
OSV
added 2020/02/25 7:15 p.m.7 views

CVE-2020-9393

An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows XSS...

6.1CVSS6.8AI score0.00915EPSS
Exploits1References1
WPVulnDB
WPVulnDB
added 2020/02/25 12:0 a.m.29 views

Pricing Table by Supsystic < 1.8.2 - Unauthenticated Stored XSS

No permission check on the ImportJSONTable endpoint allows for malicious javascript to be injected by unauthenticated users. PoC...

4.9CVSS1AI score0.00778EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder