Vulnerabilities (CVE)

Filtered by vendor Supsystic Subscribe
Filtered by product Pricing Table By Supsystic
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-9394 1 Supsystic 1 Pricing Table By Supsystic 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows CSRF.
CVE-2020-9393 1 Supsystic 1 Pricing Table By Supsystic 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows XSS.
CVE-2020-9392 1 Supsystic 1 Pricing Table By Supsystic 2024-11-21 7.5 HIGH 7.3 HIGH
An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. Because there is no permission check on the ImportJSONTable, createFromTpl, and getJSONExportTable endpoints, unauthenticated users can retrieve pricing table information, create new tables, or import/modify a table.