Search criteria
2 vulnerabilities found for price_table by supsystic
CVE-2021-46782 (GCVE-0-2021-46782)
Vulnerability from nvd – Published: 2022-04-25 15:50 – Updated: 2024-08-04 05:17
VLAI
Title
Pricing Table by Supsystic < 1.9.5 - Reflected Cross-Site Scripting
Summary
The Pricing Table by Supsystic WordPress plugin before 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting
Severity
No CVSS data available.
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/39e69487-aa53-4b… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | Pricing Table by Supsystic |
Affected:
1.9.5 , < 1.9.5
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:17:42.300Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/39e69487-aa53-4b78-a422-12515a6449bf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Pricing Table by Supsystic",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.9.5",
"status": "affected",
"version": "1.9.5",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "0xB9"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Pricing Table by Supsystic WordPress plugin before 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-25T15:50:51.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/39e69487-aa53-4b78-a422-12515a6449bf"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Pricing Table by Supsystic \u003c 1.9.5 - Reflected Cross-Site Scripting",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-46782",
"STATE": "PUBLIC",
"TITLE": "Pricing Table by Supsystic \u003c 1.9.5 - Reflected Cross-Site Scripting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Pricing Table by Supsystic",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "1.9.5",
"version_value": "1.9.5"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "0xB9"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Pricing Table by Supsystic WordPress plugin before 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/39e69487-aa53-4b78-a422-12515a6449bf",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/39e69487-aa53-4b78-a422-12515a6449bf"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-46782",
"datePublished": "2022-04-25T15:50:51.000Z",
"dateReserved": "2022-04-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T05:17:42.300Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-46782 (GCVE-0-2021-46782)
Vulnerability from cvelistv5 – Published: 2022-04-25 15:50 – Updated: 2024-08-04 05:17
VLAI
Title
Pricing Table by Supsystic < 1.9.5 - Reflected Cross-Site Scripting
Summary
The Pricing Table by Supsystic WordPress plugin before 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting
Severity
No CVSS data available.
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/39e69487-aa53-4b… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | Pricing Table by Supsystic |
Affected:
1.9.5 , < 1.9.5
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:17:42.300Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/39e69487-aa53-4b78-a422-12515a6449bf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Pricing Table by Supsystic",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.9.5",
"status": "affected",
"version": "1.9.5",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "0xB9"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Pricing Table by Supsystic WordPress plugin before 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-25T15:50:51.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/39e69487-aa53-4b78-a422-12515a6449bf"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Pricing Table by Supsystic \u003c 1.9.5 - Reflected Cross-Site Scripting",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-46782",
"STATE": "PUBLIC",
"TITLE": "Pricing Table by Supsystic \u003c 1.9.5 - Reflected Cross-Site Scripting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Pricing Table by Supsystic",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "1.9.5",
"version_value": "1.9.5"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "0xB9"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Pricing Table by Supsystic WordPress plugin before 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/39e69487-aa53-4b78-a422-12515a6449bf",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/39e69487-aa53-4b78-a422-12515a6449bf"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-46782",
"datePublished": "2022-04-25T15:50:51.000Z",
"dateReserved": "2022-04-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T05:17:42.300Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}