CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-0640

The Pricing Table Builder WordPress plugin before 1.1.5 does not sanitize and escape the postid parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.4%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://plugins.trac.wordpress.org/changeset/2684253
https://wpscan.com/vulnerability/f8405e06-9cf3-4acb-aebb-e80fb402daa9
https://plugins.trac.wordpress.org/changeset/2684253
https://wpscan.com/vulnerability/f8405e06-9cf3-4acb-aebb-e80fb402daa9

Products affected by CVE-2022-0640

Wpdevart » Pricing Table Builder » Version: Any

cpe:2.3:a:wpdevart:pricing_table_builder:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-0640

Products

Pricing

Contact Us