Easy Pricing Tables < 3.1.3 – Author+ Stored Cross-Site Scripting | CVE 2021-36866

Affects Plugins

easy-pricing-tables

Fixed in 3.1.3

References

CVE

CVE-2021-36866

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

CVSS

4.8 (medium)

Miscellaneous

Original Researcher

Ngo Van Thien

Verified

No

WPVDB ID

79d78d51-3947-4c25-b16b-b35baaf2cf77

Timeline

Publicly Published

2022-05-27 (about 4 years ago)

Added

2022-06-01 (about 4 years ago)

Last Updated

2023-03-02 (about 3 years ago)

Other

Published

Title

Published

2026-02-03

Title

Reflector < 1.2.3 - Reflected Cross-Site Scripting

Published

2024-04-22

Title

WP Media Category Management < 2.3.0 - Reflected Cross-Site Scripting

Published

2022-12-02

Title

Chained Quiz < 1.3.2.3 - Admin+ Stored XSS

Published

2023-01-20

Title

CTT Expresso para WooCommerce < 3.2.12 - Admin+ Stored XSS

Published

2024-01-02

Title

EmbedPress < 3.9.6 - Contributor+ Stored XSS