cleantalk
Vulnerabilities and Security Researches

Stylish Price List – Price Table Builder & QR Code Restaurant Menu, CVE-2021-24757

CVE, Research URL

CVE-2021-24757

Home page URL

Security reports for Stylish Price List – Price Table Builder & QR Code Restaurant Menu

Application

Stylish Price List – Price Table Builder & QR Code Restaurant Menu

Published on
Nov 01, 2021
Research Description
The Stylish Price List WordPress plugin before 6.9.0 does not perform capability checks in its spl_upload_ser_img AJAX action (available to both unauthenticated and authenticated users), which could allow unauthenticated users to upload images.
Affected versions
Min -, max 6.9.1.
Status
vulnerable
Previous vulnerability researches
Stylish Price List – Price Table Builder & QR Code Restaurant Menu (CVE-2024-10472) , Mar 27, 2025
Stylish Price List – Price Table Builder & QR Code Restaurant Menu (CVE-2021-24757) , Jun 07, 2024
Stylish Price List – Price Table Builder & QR Code Restaurant Menu (CVE-2023-51673) , Jun 07, 2024
Stylish Price List – Price Table Builder & QR Code Restaurant Menu (CVE-2021-24770) , Jun 07, 2024
Stylish Price List – Price Table Builder & QR Code Restaurant Menu (CVE-2024-7758) , May 19, 2025
New vulnerability
PowerPress Podcasting plugin by Blubrry (CVE-2024-9227) , May 19, 2025
Free Booking Plugin for Hotels, Restaurant and Car Rental – eaSYNC (CVE-2024-9450) , May 19, 2025
PWA for WP & AMP (CVE-2024-7759) , May 19, 2025
Badgearoo (CVE-2025-1033) , May 19, 2025
All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic (CVE-2025-2892) , May 19, 2025