CVE-2020-9394: CSRF
First published: Tue Feb 25 2020(Updated: )
An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows CSRF.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Supsystic Pricing Table | <1.8.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerable software?
The vulnerable software is Supsystic Pricing Table By Supsystic plugin for WordPress.
What version of the plugin is affected?
Versions up to and excluding 1.8.2 of the Supsystic Pricing Table By Supsystic plugin are affected.
What is the severity of CVE-2020-9394?
The severity of CVE-2020-9394 is high (CVSS score: 8.8).
What is the CWE category of CVE-2020-9394?
The CWE category of CVE-2020-9394 is CWE-352 (Cross-Site Request Forgery).
How can I fix CVE-2020-9394?
To fix CVE-2020-9394, update the Supsystic Pricing Table By Supsystic plugin to version 1.8.2 or newer.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/author
- agent/event
- agent/first-publish-date
- agent/description
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/supsystic
- canonical/supsystic pricing table