What the vulnerability does
01Description
The Pricing Table by Supsystic WordPress plugin before 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting
CVE-2021-46782
CVE-2021-46782: Pricing Table by Supsystic < 1.9.5 - Reflected Cross-Site Scripting
CVSS base score
—
Key dates
02Disclosure timeline
April 25, 2022
CVE published
August 4, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2021-39345 HAL <= 2.1.1 Authenticated Stored Cross-Site Scripting
CVE-2023-40656 Extension - plasma-web.ru - Reflected XSS in Quickform component for Joomla 1.0.0-3.3.01
CVE-2025-58921 WordPress WP Tactical Popup plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2021-22723
CVE-2025-62110 WordPress Rescue Shortcodes plugin <= 3.3 - Cross Site Scripting (XSS) vulnerability
