4 matches found
CVE-2022-1904
CVE-2022-1904 affects the WordPress Easy Pricing Tables plugin prior to 3.2.1. The vulnerability is a reflected Cross-Site Scripting (XSS) caused by not sanitizing/escaping a parameter before reflecting it back in a page when a specific setting is enabled. Affects authenticated and unauthenticate...
CVE-2021-36866
Summary: CVE-2021-36866 affects the Fatcat Apps Easy Pricing Tables WordPress plugin up to version 3.1.2. The vulnerability is an authenticated Stored Cross-Site Scripting (XSS) flaw caused by insufficient sanitization/escaping of inputs in the plugin, enabling an authenticated user (author or hi...
CVE-2021-25098
The CVE concerns the Easy Pricing Tables (Pricing Tables WordPress Plugin) before version 3.1.3, which does not verify the CSRF nonce when deleting posts. This CSRF weakness allows an authenticated attacker to trigger a logged-in admin to remove arbitrary posts, with affected posts moved to trash...
CVE-2024-8323
CVE-2024-8323 affects the Pricing Tables WordPress Plugin – Easy Pricing Tables (WordPress). The vulnerability is a Stored Cross-Site Scripting via the fontFamily attribute in all versions up to and including 3.2.6, exploitable by authenticated users with Contributor-level access or higher to inj...