Vulnerabilities > CVE-2023-0367 - Unspecified vulnerability in Pricing Tables for Wpbakery Page Builder Project Pricing Tables for Wpbakery Page Builder

CVSS 5.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

pricing-tables-for-wpbakery-page-builder-project

NVD

Published: 2023-04-17

Updated: 2024-11-21

Summary

The Pricing Tables For WPBakery Page Builder (formerly Visual Composer) WordPress plugin before 3.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks

Vulnerable Configurations

Part	Description	Count
Application	Pricing_Tables_For_Wpbakery_Page_Builder_Project Pricing Tables FOR Wpbakery Page Builder Project Pricing Tables FOR Wpbakery Page Builder -	1

References

https://wpscan.com/vulnerability/d7685af2-6034-49ea-93ef-4debe72689bc
https://wpscan.com/vulnerability/d7685af2-6034-49ea-93ef-4debe72689bc