WordPress Plugin Vulnerabilities

Pricing Table by Supsystic < 1.8.2 - Insecure Permissions on AJAX Actions

Description

An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. Because there is no permission check on the ImportJSONTable, createFromTpl, and getJSONExportTable endpoints, unauthenticated users can retrieve pricing table information, create new tables, or import/modify a table.

Proof of Concept

Affects Plugins

Plugin icon
pricing-table-by-supsystic
Fixed in 1.8.2

References

CVE
CVE-2020-9394
CVE
CVE-2020-9393
CVE
CVE-2020-9392
URL
https://www.wordfence.com/blog/2020/02/multiple-vulnerabilities-patched-in-pricing-table-by-supsystic-plugin/

Miscellaneous

Original Researcher
Chloe Chamberland
Submitter
Chloe Chamberland
Submitter website
https://www.wordfence.com/
Submitter twitter
infosecchloe
Verified
No
WPVDB ID
5284a0bb-de49-43ed-9fc1-381405c1315e

Timeline

Publicly Published
2020-02-25 (about 6 years ago)
Added
2020-02-25 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2020-08-13
Title
Quiz and Survey Master < 7.0.1 - Unauthenticated Arbitrary File Deletion
Published
2022-05-30
Title
Very Simple Contact Form < 11.6 - Captcha bypass
Published
2022-05-17
Title
iQ Block Country < 1.2.20 - Protection Bypass due to IP Spoofing
Published
2020-12-14
Title
Limit Login Attempts Reloaded < 2.17.4 - Login Rate Limiting Bypass
Published
2021-08-05
Title
User Rights Access Manager < 1.0.8 - Access Restriction Bypass