CVE-2025-62886

Severity: HIGH (CVSS 3.1 base score 8.8)
Published: 2025-10-27 (source: [email protected])

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

CVE Published: Oct 27, 2025 - 02:15 (nvd)
Analysis Generated: Apr 01, 2026 - 15:22 (vuln.today)

Description

Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Pricing Table builder wpdevart-pricing-table allows Stored XSS. This issue affects Pricing Table builder: from n/a through <= 1.5.3.

Analysis

A Cross-Site Request Forgery (CSRF) vulnerability in the wpdevart Pricing Table builder WordPress plugin (versions up to and including 1.5.3) enables stored Cross-Site Scripting (XSS) through social engineering. An unauthenticated remote attacker can trick a logged-in administrator into submitting a forged request that injects persistent JavaScript into the WordPress site. The EPSS score of 0.02% (4th percentile) indicates minimal observed exploitation activity, and no CISA KEV listing or public exploit was identified at the time of analysis. The CVSS score of 8.8 reflects the high impact once the required user interaction succeeds; real-world risk depends heavily on how effectively an administrator can be lured into issuing the request.

Technical Context

This vulnerability affects the wpdevart Pricing Table builder WordPress plugin through version 1.5.3. The root cause is CWE-352 (Cross-Site Request Forgery): the plugin does not properly validate anti-CSRF tokens (WordPress nonces) on administrative actions. The CSRF weakness is chained with a stored XSS sink, so an attacker can craft a request that, when submitted by an authenticated administrator's browser, injects persistent JavaScript into the pricing table configuration or content. That stored payload then executes in the browser of any user who views the affected pages, enabling session hijacking, credential theft, or further site compromise. WordPress plugins that expose administrative actions are expected to emit a nonce with wp_nonce_field() and validate it with check_admin_referer() (or check_ajax_referer() for AJAX handlers), which appears to be missing or improperly implemented in affected versions.
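To make the nonce requirement concrete, the following is an added illustration of a WordPress admin-post handler written for this page; it is not the wpdevart Pricing Table builder's code, and the action name (demo_save_pricing_table), option name (demo_pricing_table_title) and nonce field name (demo_nonce) are invented. It goes slightly beyond the paragraph above: besides the nonce check it also shows the capability check and the input sanitization and output escaping that are needed to break the CSRF-to-stored-XSS chain, since a nonce alone only proves the request came from the admin's own form.

```php
<?php
/*
 * Hypothetical WordPress admin action handler, added as an illustration for
 * this page. It is NOT the wpdevart Pricing Table builder's code; the action,
 * option and nonce names below are invented.
 */

// --- Vulnerable pattern (CWE-352 chained with stored XSS) -------------------
// Any POST that reaches admin-post.php is accepted: no nonce, no capability
// check, and the value is stored unfiltered, so a request forged from another
// site and submitted by a logged-in admin's browser persists arbitrary markup.
function demo_save_pricing_table_vulnerable() {
    update_option( 'demo_pricing_table_title', $_POST['title'] );
    wp_safe_redirect( admin_url( 'admin.php?page=demo-pricing-table' ) );
    exit;
}

// --- Hardened pattern ------------------------------------------------------
function demo_save_pricing_table_secure() {
    // 1. CSRF: the request must carry a nonce bound to this action and the
    //    current user's session. check_admin_referer() terminates the request
    //    if the nonce is missing, invalid or expired.
    check_admin_referer( 'demo_save_pricing_table', 'demo_nonce' );

    // 2. Authorization: a valid nonce is not a capability check; confirm the
    //    user is actually allowed to change site options.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( esc_html__( 'You are not allowed to do this.', 'demo' ), 403 );
    }

    // 3. Input sanitization: strip tags and control characters before storing,
    //    so even a request that passes the checks cannot persist a script.
    $title = isset( $_POST['title'] )
        ? sanitize_text_field( wp_unslash( $_POST['title'] ) )
        : '';
    update_option( 'demo_pricing_table_title', $title );

    wp_safe_redirect( add_query_arg( 'updated', '1', admin_url( 'admin.php?page=demo-pricing-table' ) ) );
    exit;
}
// Only the hardened handler is wired up; the vulnerable one is shown for contrast.
add_action( 'admin_post_demo_save_pricing_table', 'demo_save_pricing_table_secure' );

// --- Settings form that emits the matching nonce ---------------------------
function demo_render_settings_form() {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="demo_save_pricing_table">
        <?php wp_nonce_field( 'demo_save_pricing_table', 'demo_nonce' ); ?>
        <label>Table title
            <!-- 4. Output escaping: stored data is escaped again on the way out. -->
            <input type="text" name="title"
                   value="<?php echo esc_attr( get_option( 'demo_pricing_table_title', '' ) ); ?>">
        </label>
        <?php submit_button( 'Save' ); ?>
    </form>
    <?php
}
```

The four steps map onto the two CWEs in this advisory: steps 1 and 2 close the CSRF hole (the forged request has no nonce and the check dies before any write), while steps 3 and 4 ensure that whatever does get stored cannot execute as script when rendered. When reviewing a plugin for this class of bug, look for every update_option()/update_post_meta()/wpdb write reachable from an admin_post_*, admin_action_* or wp_ajax_* hook and confirm all four steps are present on that path.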

Affected Products

The vulnerability impacts wpdevart Pricing Table builder WordPress plugin versions from the initial release through version 1.5.3 inclusive. This plugin, identified in the WordPress ecosystem as wpdevart-pricing-table, is used for creating responsive pricing tables on WordPress websites. The vulnerability was reported by the Patchstack security research team ([email protected]), indicating coordinated disclosure through WordPress plugin security channels. All WordPress installations running wpdevart Pricing Table builder version 1.5.3 or earlier are affected, regardless of WordPress core version. The vendor advisory and detailed vulnerability information are available through Patchstack's database at the reference URL provided.

Remediation

WordPress site administrators should immediately update the wpdevart Pricing Table builder plugin to version 1.5.4 or later, which addresses the CSRF and stored XSS vulnerabilities according to the Patchstack database entry. Updates can be applied through the WordPress admin dashboard under Plugins > Installed Plugins by selecting the update option for wpdevart-pricing-table, or by downloading the patched version from the official WordPress plugin repository. Prior to updating, administrators should verify compatibility with their WordPress version and create a full site backup. Where immediate patching is not feasible, temporary risk mitigation includes restricting administrative access to trusted IP addresses through web application firewall rules, adding authentication layers for administrative users, and educating administrators about CSRF attack vectors and the importance of not following unknown links while logged into WordPress. Note that IP allow-listing alone does not stop CSRF, because the forged request is sent from the administrator's own browser and therefore from a trusted address; it does, however, shrink the population of sessions an attacker can target. Detailed vulnerability information and remediation guidance are available at https://patchstack.com/database/Wordpress/Plugin/wpdevart-pricing-table/vulnerability/wordpress-pricing-table-builder-plugin-1-5-1-cross-site-request-forgery-csrf-vulnerability.

Priority Score

44 (scale: Low / Medium / High / Critical)
KEV: 0
EPSS: +0.0
CVSS: +44
POC: 0

CVE-2025-62886 vulnerability details – vuln.today