{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-13418", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-11-19T14:53:03.624Z", "datePublished": "2026-01-07T09:20:57.461Z", "dateUpdated": "2026-04-08T16:55:47.541Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:55:47.541Z"}, "affected": [{"vendor": "spwebguy", "product": "Responsive Pricing Table", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "5.1.12", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Responsive Pricing Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'plan_icons' parameter in all versions up to, and including, 5.1.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}], "title": "Responsive Pricing Table <= 5.1.12 - Authenticated (Author+) Stored Cross-Site Scripting", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5d28fd23-fa86-4353-b1b4-af61192f8482?source=cve"}, {"url": "https://wordpress.org/plugins/dk-pricr-responsive-pricing-table/"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3435445%40dk-pricr-responsive-pricing-table&new=3435445%40dk-pricr-responsive-pricing-table&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "cweId": "CWE-79", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "baseScore": 6.4, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Itthidej Aramsri"}], "timeline": [{"time": "2026-01-06T20:36:46.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-07T14:42:21.628843Z", "id": "CVE-2025-13418", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-07T14:42:29.479Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-13418", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-07T14:42:21.628843Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-07T14:42:25.450Z"}}], "cna": {"title": "Responsive Pricing Table <= 5.1.12 - Authenticated (Author+) Stored Cross-Site Scripting", "credits": [{"lang": "en", "type": "finder", "value": "Itthidej Aramsri"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "spwebguy", "product": "Responsive Pricing Table", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "5.1.12"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2026-01-06T20:36:46.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5d28fd23-fa86-4353-b1b4-af61192f8482?source=cve"}, {"url": "https://wordpress.org/plugins/dk-pricr-responsive-pricing-table/"}], "descriptions": [{"lang": "en", "value": "The Responsive Pricing Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'plan_icons' parameter in all versions up to, and including, 5.1.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-01-07T09:20:57.461Z"}}}, "cveMetadata": {"cveId": "CVE-2025-13418", "state": "PUBLISHED", "dateUpdated": "2026-01-07T14:42:29.479Z", "dateReserved": "2025-11-19T14:53:03.624Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-01-07T09:20:57.461Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Responsive Pricing Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'plan_icons' parameter in all versions up to, and including, 5.1.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}, {"lang": "es", "value": "El plugin Responsive Pricing Table para WordPress es vulnerable a cross-site scripting almacenado a trav\u00e9s del par\u00e1metro 'plan_icons' en todas las versiones hasta la 5.1.12, inclusive, debido a una sanitizaci\u00f3n de entrada insuficiente y un escape de salida deficiente. Esto permite a atacantes autenticados, con acceso de nivel Autor o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."}], "id": "CVE-2025-13418", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2026-01-07T12:16:47.733", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3435445%40dk-pricr-responsive-pricing-table&new=3435445%40dk-pricr-responsive-pricing-table&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/dk-pricr-responsive-pricing-table/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5d28fd23-fa86-4353-b1b4-af61192f8482?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T00:03:49.010930+00:00", "value": {"mitigation_remediation": ["Update the Responsive Pricing Table plugin to the latest version (5.1.13 or later).", "If an update is not immediately available, restrict the use of the plan_icons feature to administrators only, or disable it entirely for non\u2011admin roles.", "Implement a content filter or WAF rule that blocks or strips script delimiters from the plan_icons field before it is rendered, ensuring all HTML is escaped or sanitized."], "summary": {"action": "Patch immediately", "impact": "Stored Cross\u2011Site Scripting via the plan_icons parameter in Responsive Pricing Table"}, "threat_synthesis": {"affected_systems": "WordPress sites that have the Responsive Pricing Table plugin by spwebguy installed in versions 5.1.12 or earlier are affected. The plan_icons parameter is the attack vector in all releases up to and including 5.1.12.", "description_and_impact": "The Responsive Pricing Table plugin for WordPress is vulnerable to stored cross\u2011site scripting when an authenticated user with Author-level access or higher can submit data to the plan_icons field. Insufficient input sanitization and output escaping allow attackers to inject arbitrary JavaScript, which executes in the browser context of any site visitor who views a page containing the injected content. The weakness is a client\u2011side injection flaw (CWE\u201179).", "risk_and_exploitability": "The CVSS score of 6.4 indicates a moderate severity, while an EPSS score of 2% suggests the likelihood of exploitation is currently low but non\u2011negligible. The attacker must first log in with Author or higher privileges, so the vector is authenticated. Because the payload runs in visitors\u2019 browsers, a moderate number of compromised content editors can create widespread impact. The issue is not yet listed in CISA KEV, meaning no documented widespread exploitation has been observed, but the presence of the flaw warrants prompt attention."}}}}, "created": "2026-01-08T09:49:56.342431+00:00", "updated": "2026-04-22T00:15:03.765749+00:00", "vendors": ["spwebguy", "spwebguy$PRODUCT$responsive_pricing_table", "wordpress", "wordpress$PRODUCT$wordpress"]}