Filtered by vendor Supsystic
Subscribe
Search
Total
10 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-5756 | 1 Supsystic | 1 Digital Publications By Supsystic | 2023-12-12 | N/A | 8.8 HIGH |
| The Digital Publications by Supsystic plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.6. This is due to missing or incorrect nonce validation on the AJAX action handler. This makes it possible for unauthenticated attackers to execute AJAX actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | |||||
| CVE-2022-33960 | 1 Supsystic | 1 Social Share Buttons | 2022-07-26 | N/A | 8.8 HIGH |
| Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress. | |||||
| CVE-2022-27235 | 1 Supsystic | 1 Social Share Buttons | 2022-07-26 | N/A | 8.8 HIGH |
| Multiple Broken Access Control vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress. | |||||
| CVE-2020-12075 | 1 Supsystic | 1 Data Tables Generator | 2020-04-29 | 6.5 MEDIUM | 8.8 HIGH |
| The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks capability checks for AJAX actions. | |||||
| CVE-2020-12076 | 1 Supsystic | 1 Data Tables Generator | 2020-04-29 | 6.8 MEDIUM | 8.8 HIGH |
| The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks CSRF nonce checks for AJAX actions. One consequence of this is stored XSS. | |||||
| CVE-2020-9392 | 1 Supsystic | 1 Pricing Table By Supsystic | 2020-03-25 | 7.5 HIGH | 7.3 HIGH |
| An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. Because there is no permission check on the ImportJSONTable, createFromTpl, and getJSONExportTable endpoints, unauthenticated users can retrieve pricing table information, create new tables, or import/modify a table. | |||||
| CVE-2020-9394 | 1 Supsystic | 1 Pricing Table By Supsystic | 2020-02-26 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows CSRF. | |||||
| CVE-2016-10918 | 1 Supsystic | 1 Photo Gallery | 2019-08-26 | 6.8 MEDIUM | 8.8 HIGH |
| The gallery-by-supsystic plugin before 1.8.6 for WordPress has CSRF. | |||||
| CVE-2016-10915 | 1 Supsystic | 1 Popup | 2019-08-21 | 6.8 MEDIUM | 8.8 HIGH |
| The popup-by-supsystic plugin before 1.7.9 for WordPress has CSRF. | |||||
| CVE-2017-18512 | 1 Supsystic | 1 Newsletter By Supsystic | 2019-08-20 | 6.8 MEDIUM | 8.8 HIGH |
| The newsletter-by-supsystic plugin before 1.1.8 for WordPress has CSRF. | |||||