CVE-2021-36896 in Pricing Table

Summary

by MITRE • 04/12/2022

Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Pricing Table (WordPress plugin) versions

Analysis

by VulDB Data Team • 04/14/2022

CVE-2021-36896 is a stored cross-site scripting flaw in the Pricing Table WordPress plugin that requires an authenticated user with author or higher privileges to exploit. The issue resides in the plugin's handling of user input within pricing table entries, creating a persistent security risk that can be exploited by attackers who have gained access to a user account with sufficient permissions. The flaw lies in the plugin's data storage and rendering mechanisms, where malicious scripts can be injected and subsequently executed whenever other users access the affected pages.

The vulnerability stems from inadequate input sanitization and output escaping within the plugin's backend processing functions. When authenticated users with author roles create or modify pricing table entries, the plugin fails to properly validate and escape user-supplied content before storing it in the database. This stored content is then rendered without adequate protection measures, allowing malicious JavaScript code to be executed in the context of other users' browsers. The vulnerability falls under CWE-79, which classifies cross-site scripting as a critical weakness in web applications, specifically the improper neutralization of input during web page generation.

The operational impact of this vulnerability extends beyond simple data theft or defacement, as it can enable attackers to escalate privileges, steal session cookies, perform actions on behalf of legitimate users, and potentially compromise entire WordPress installations. Attackers with author-level access can inject malicious scripts that persist across multiple user sessions, making the attack vector particularly dangerous for sites with multiple contributors or administrators. The stored nature of the XSS vulnerability means that even if the initial injection occurs during a specific user session, the malicious code remains active and can affect any user who views the affected pricing table content, creating a persistent threat that can grow in impact over time.

Mitigation strategies for CVE-2021-36896 should focus on immediate plugin updates to versions that address the stored XSS vulnerability, alongside comprehensive input validation and output escaping mechanisms. Organizations should implement strict role-based access controls to limit the number of users with author privileges, as this reduces the attack surface for potential exploitation. Security headers including Content Security Policy should be configured to prevent unauthorized script execution, while regular security audits of WordPress plugins and themes should be conducted to identify similar vulnerabilities. The ATT&CK framework categorizes this vulnerability under T1059.001 for command and scripting interpreter, specifically noting how stored XSS can be leveraged for code injection and persistence within web applications. Additionally, implementing web application firewalls and regular security monitoring can help detect and prevent exploitation attempts before they can cause significant damage to the WordPress environment.

Responsible: Patchstack

Reservation: 07/19/2021

Disclosure: 04/12/2022

Moderation: accepted

CPE: ready

EPSS: 0.00565

KEV: no

Activities: very low

Sources
