CVE-2020-9392
📋 TL;DR
This vulnerability in the WordPress Pricing Table by Supsystic plugin allows unauthenticated attackers to access, create, modify, and export pricing table data without any permission checks. It affects WordPress sites running the plugin before version 1.8.2. The flaw enables unauthorized data manipulation and information disclosure.
💻 Affected Systems
- WordPress Pricing Table by Supsystic plugin
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Attackers could completely compromise all pricing table data, inject malicious content into tables displayed to users, or exfiltrate sensitive business pricing information.
Likely Case
Unauthenticated users accessing and modifying pricing tables, potentially injecting malicious content or disrupting business operations.
If Mitigated
With proper authentication controls, only authorized administrators can manage pricing tables as intended.
🎯 Exploit Status
The vulnerability is straightforward to exploit via HTTP requests to the unprotected endpoints.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.8.2
Vendor Advisory: https://wordpress.org/plugins/pricing-table-by-supsystic/#developers
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find 'Pricing Table by Supsystic'.
4. Click 'Update Now' if available, or download version 1.8.2+ from the WordPress repository.
5. Activate the updated plugin.
🔧 Temporary Workarounds
Disable vulnerable plugin
Temporarily deactivate the Pricing Table by Supsystic plugin until patched.
wp plugin deactivate pricing-table-by-supsystic
Web application firewall rule
Block access to the vulnerable endpoints via a WAF or .htaccess.
RewriteRule ^wp-content/plugins/pricing-table-by-supsystic/(importJSONTable|createFromTpl|getJSONExportTable) - [F,L]
🧯 If You Can't Patch
- Disable the Pricing Table by Supsystic plugin completely.
- Implement network-level blocking of requests to the vulnerable endpoints using a WAF.
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin → Plugins → Installed Plugins for 'Pricing Table by Supsystic' version. If version is below 1.8.2, the site is vulnerable.
Check Version:
wp plugin get pricing-table-by-supsystic --field=version
Verify Fix Applied:
Confirm plugin version is 1.8.2 or higher in WordPress admin panel.
📡 Detection & Monitoring
Log Indicators:
- HTTP requests to /wp-content/plugins/pricing-table-by-supsystic/ containing importJSONTable, createFromTpl, or getJSONExportTable from unauthenticated clients.
- Unusual POST/GET requests to plugin endpoints without authentication.
Network Indicators:
- Unusual traffic patterns to plugin-specific endpoints from external IPs.
- HTTP 200 responses to pricing table endpoints without authentication headers.
SIEM Query:
source="web_logs" AND (uri="*importJSONTable*" OR uri="*createFromTpl*" OR uri="*getJSONExportTable*") AND user_agent!="*wp-admin*"
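The log indicators above, turned into a small scanner as an added example (not part of this advisory or the plugin): it parses Apache/nginx combined-format access lines, flags requests whose URI names one of the three unprotected actions, treats hits without a wp-admin Referer as likely unauthenticated (an assumption standing in for the SIEM query's user-agent filter), and counts HTTP 200 hits per source address. The sample log lines are constructed, not real traffic.

```python
"""Scan access logs for CVE-2020-9392 indicators (added example, constructed data)."""
import re
from collections import Counter

# Action names listed in the advisory's log indicators.
ENDPOINT_MARKERS = ("importJSONTable", "createFromTpl", "getJSONExportTable")

# Combined log format: ip - user [time] "METHOD uri PROTO" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)

def is_vulnerable_version(version):
    """True when the installed plugin version is below the patched 1.8.2 (numeric parts only)."""
    parts = tuple(int(p) for p in version.split("."))
    return parts < (1, 8, 2)

def find_indicators(lines):
    """Return one dict per request whose URI contains one of the three action names."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        marker = next((k for k in ENDPOINT_MARKERS if k in m.group("uri")), None)
        if marker is None:
            continue
        hits.append({"ip": m.group("ip"), "method": m.group("method"), "action": marker,
                     "status": int(m.group("status")), "referer": m.group("referer")})
    return hits

def suspicious(hits):
    """Assumption: legitimate admin use arrives with a wp-admin Referer; anything else is suspect."""
    return [h for h in hits if "/wp-admin/" not in h["referer"]]

def summarize(hits):
    """Count successful (HTTP 200) suspicious hits per source IP, the advisory's traffic signal."""
    return Counter(h["ip"] for h in hits if h["status"] == 200)

# Constructed sample log lines: two unauthenticated-looking hits, one admin-originated hit, one benign asset.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Mar/2020:12:00:01 +0000] "POST /wp-content/plugins/pricing-table-by-supsystic/importJSONTable HTTP/1.1" 200 512 "-" "python-requests/2.22.0"',
    '203.0.113.7 - - [10/Mar/2020:12:00:03 +0000] "GET /wp-content/plugins/pricing-table-by-supsystic/getJSONExportTable?id=1 HTTP/1.1" 200 2048 "-" "python-requests/2.22.0"',
    '198.51.100.4 - - [10/Mar/2020:12:01:10 +0000] "POST /wp-content/plugins/pricing-table-by-supsystic/createFromTpl HTTP/1.1" 200 300 "https://example.org/wp-admin/admin.php?page=supsystic-tables" "Mozilla/5.0"',
    '192.0.2.9 - - [10/Mar/2020:12:02:00 +0000] "GET /wp-content/plugins/pricing-table-by-supsystic/css/style.css HTTP/1.1" 200 900 "https://example.org/" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, count in summarize(suspicious(find_indicators(SAMPLE_LOG))).items():
        print(f"{ip}: {count} successful unauthenticated-looking hits")
```

Feed real access log lines in place of SAMPLE_LOG; any non-empty summary on a site running a version below 1.8.2 warrants a review of the pricing table data.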