Vulnerabilities > CVE-2022-0867 - Unspecified vulnerability in Reputeinfosystems Pricing Table

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

reputeinfosystems

critical

NVD

Published: 2022-05-16

Updated: 2024-11-21

Summary

The Pricing Table WordPress plugin before 3.6.1 fails to properly sanitize and escape user supplied POST data before it is being interpolated in an SQL statement and then executed via an AJAX action available to unauthenticated users

Vulnerable Configurations

Part	Description	Count
Application	Reputeinfosystems Reputeinfosystems Pricing Table *	1

References

https://wpscan.com/vulnerability/62803aae-9896-410b-9398-3497a838e494
https://wpscan.com/vulnerability/62803aae-9896-410b-9398-3497a838e494