Vulnerabilities and security researches forpricing-table-by-supsystic pricing-table-by-supsystic

Jun 06, 2024

CVE, Research URL: CVE-2021-46782
Home page URL: Security reports for Pricing Table by Supsystic
Application: Pricing Table by Supsystic
Date: Apr 25, 2022
Research Description: The Pricing Table by Supsystic WordPress plugin before 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting
Affected versions: max 1.8.9.
Status: vulnerable

CVE, Research URL: CVE-2020-9392
Home page URL: Security reports for Pricing Table by Supsystic
Application: Pricing Table by Supsystic
Date: Mar 23, 2020
Research Description: An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. Because there is no permission check on the ImportJSONTable, createFromTpl, and getJSONExportTable endpoints, unauthenticated users can retrieve pricing table information, create new tables, or import/modify a table.
Affected versions: max 1.8.2.
Status: vulnerable

CVE, Research URL: CVE-2020-9395
Home page URL: Security reports for Pricing Table by Supsystic
Application: Pricing Table by Supsystic
Date: Jul 07, 2020
Research Description: An issue was discovered on Realtek RTL8195AM, RTL8711AM, RTL8711AF, and RTL8710AF devices before 2.0.6. A stack-based buffer overflow exists in the client code that takes care of WPA2's 4-way-handshake via a malformed EAPOL-Key packet with a long keydata buffer.
Affected versions: max 1.8.2.
Status: vulnerable

CVE, Research URL: CVE-2024-32790
Home page URL: Security reports for Pricing Table by Supsystic
Application: Pricing Table by Supsystic
Date: May 17, 2024
Research Description: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Supsystic Pricing Table by Supsystic allows Code Injection.This issue affects Pricing Table by Supsystic: from n/a through 1.9.12.
Affected versions: max 1.9.13.
Status: vulnerable

CVE, Research URL: CVE-2020-9393
Home page URL: Security reports for Pricing Table by Supsystic
Application: Pricing Table by Supsystic
Date: Feb 26, 2020
Research Description: An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows XSS.
Affected versions: max 1.8.2.
Status: vulnerable

CVE, Research URL: CVE-2020-9394
Home page URL: Security reports for Pricing Table by Supsystic
Application: Pricing Table by Supsystic
Date: Feb 26, 2020
Research Description: An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows CSRF.
Affected versions: max 1.8.2.
Status: vulnerable

May 19, 2026

CVE, Research URL: CVE-2020-37243
Home page URL: Security reports for Pricing Table by Supsystic
Application: Pricing Table by Supsystic
Date: May 16, 2026
Research Description: Supsystic Pricing Table 1.8.7 contains an SQL injection vulnerability in the 'sidx' GET parameter that allows unauthenticated attackers to execute arbitrary SQL queries through the getListForTbl action. The plugin also contains stored cross-site scripting vulnerabilities in the 'Edit name' and 'Edit HTML' fields that execute malicious scripts when viewing pricing tables.
Affected versions: max 1.8.7.
Status: vulnerable