Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2025-03-06
CVE-2024-13469 - Pricing Table Plugin
The Pricing Table by PickPlugins plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Button Link in all versions up to, and including, 1.12.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Pricing Table
CVE-2024-13469
Risk Score
Threat Entry
Updated 2024-11-21
CVE-2024-4102 - Pricing Table Plugin
The Pricing Table plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajax() function in all versions up to, and including, 2.0.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform unauthorized actions like editing pricing tables.
PLUGIN
Pricing Table
CVE-2024-4102
Risk Score
Threat Entry
Updated 2024-11-21
CVE-2024-4100 - Pricing Table Plugin
The Pricing Table plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.1. This is due to missing or incorrect nonce validation on the ajax() function. This makes it possible for unauthenticated attackers to perform a variety of actions related to managing pricing tables via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
PLUGIN
Pricing Table
CVE-2024-4100
Risk Score
Threat Entry
Updated 2024-11-21
CVE-2022-0867 - Pricing Table Plugin
The Pricing Table WordPress plugin before 3.6.1 fails to properly sanitize and escape user supplied POST data before it is being interpolated in an SQL statement and then executed via an AJAX action available to unauthenticated users
PLUGIN
Pricing Table
CVE-2022-0867
Risk Score