CVE-2024-1333

Name of the Vulnerable Software and Affected Versions The Responsive Pricing Table WordPress plugin versions prior to 5.1.11

Description The issue concerns a Stored Cross-Site Scripting flaw in the Responsive Pricing Table WordPress plugin. This flaw could allow users with the author role and above to perform attacks by embedding malicious code in a page or post where the related shortcode is used. The plugin does not properly validate and escape some of its Pricing Table options before outputting them. This could potentially enable unauthorized creation of admin accounts.

Recommendations For versions prior to 5.1.11, update to version 5.1.11 or later to resolve the issue. As a temporary workaround, consider restricting the use of the Pricing Table options to minimize the risk of exploitation. Avoid using the vulnerable plugin functionality until the issue is resolved.