mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 19:17:37 +02:00
0xMarcio
839 B
839 B
CVE-2020-9392
Description
An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. Because there is no permission check on the ImportJSONTable, createFromTpl, and getJSONExportTable endpoints, unauthenticated users can retrieve pricing table information, create new tables, or import/modify a table.
POC
Reference
Github
No PoCs found on GitHub currently.