WordPress plugin Pricing Table SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plug-in. A SQL injection vulnerability exists in versions prior to WordPress Pricing Table s plugin 3.6.1, which stem...

CVE-2021-46782

The Pricing Table by Supsystic WordPress plugin before 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting...

CVE-2021-36896

Authenticated author or higher user role Stored Cross-Site Scripting XSS vulnerability in Pricing Table WordPress plugin versions = 1.5.2...

WordPress plugin Pricing Table 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress Pricing Table plugin 1.5.2 and earlier versions contain a cross-site scripting vulnerability that can be exploited by an...

CVE-2022-25604 WordPress Price Table plugin <= 0.2.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated contributor of higher user role Stored Cross-Site Scripting XSS vulnerability discovered in WordPress Price Table plugin versions = 0.2.2...

CVE-2022-25604

The CVE affects WordPress Price Table plugin versions

CVE-2021-24898

The EditableTable WordPress plugin through 0.1.4 does not sanitise and escape any of the Table and Column fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

WordPress WP Table Builder – WordPress Table Plugin plugin < 1.3.16 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress WP Table Builder – WordPress Table Plugin plugin versions 1.3.16. Solution Update the WordPress WP Table Builder – WordPress Table Plugin plugin to the latest available version at least 1.3.16...

WordPress WP Table Builder – WordPress Table Plugin plugin < 1.3.16 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WP Table Builder – WordPress Table Plugin plugin versions 1.3.16. Solution Update the WordPress WP Table Builder – WordPress Table Plugin plugin to the latest available version at least 1.3.16...

WordPress Editable Table plugin <= 0.1.4 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Vaibhav Koli in WordPress Editable Table plugin versions = 0.1.4. Solution Deactivate and delete. This plugin has been closed as of October 25, 2021 and is not available for download. Reason: Security Issue...

CVE-2020-9392

The CVE-2020-9392 entry concerns the WordPress plugin Pricing Table by Supsystic prior to version 1.8.2. The vulnerability stems from missing permission checks on three endpoints (ImportJSONTable, createFromTpl, getJSONExportTable), allowing unauthenticated users to retrieve pricing table data, c...

CVE-2020-9394

An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows CSRF...

WordPress Easy Table Plugin <= 1.5.2 - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...

CVE-2007-2483

Directory traversal vulnerability in js/wptable-button.php in the wp-Table 1.43 and earlier plugin for WordPress, when registerglobals is enabled, allows remote attackers to include and execute arbitrary local files via the wpPATH parameter...