An issue exists in the pricing-table-by-supsystic plugin prior to 1.8.2 for WordPress. Because there is no permission check on the ImportJSONTable, createFromTpl, and getJSONExportTable endpoints, unauthenticated users can retrieve pricing table information, create new tables, or import/modify a table.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
supsystic pricing table by supsystic |