Vulnerabilities > CVE-2023-1274 - Unspecified vulnerability in Pricing Tables for Wpbakery Page Builder Project Pricing Tables for Wpbakery Page Builder

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

pricing-tables-for-wpbakery-page-builder-project

NVD

Published: 2023-04-17

Updated: 2023-11-07

Summary

The Pricing Tables For WPBakery Page Builder (formerly Visual Composer) WordPress plugin before 3.0 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as subscriber to perform LFI attacks

Vulnerable Configurations

Part	Description	Count
Application	Pricing_Tables_For_Wpbakery_Page_Builder_Project Pricing Tables FOR Wpbakery Page Builder Project Pricing Tables FOR Wpbakery Page Builder -	1

References

https://wpscan.com/vulnerability/267acb2c-1a95-487f-a714-516de05d2b2f