Browse all 4 CVE security advisories affecting PriceListo. AI-powered Chinese analysis, POCs, and references for each vulnerability.
PriceListo is a price comparison and e-commerce platform enabling businesses to monitor competitor pricing and optimize their own pricing strategies. Historically, the platform has been susceptible to multiple remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities, often stemming from improper input validation and insecure direct object references. The four recorded CVEs highlight recurring issues in user input handling and access control mechanisms. While no major public security incidents have been documented, the consistent pattern of vulnerabilities suggests potential risks for organizations relying on PriceListo for competitive intelligence, particularly if proper security hardening measures are not implemented.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-58812 | WordPress Best Restaurant Menu by PriceListo Plugin <= 1.4.3 - Cross Site Scripting (XSS) Vulnerability — Best Restaurant Menu by PriceListo (CWE-79) | 6.5 | Medium | 2025-09-05 |
| CVE-2024-49698 | WordPress Great Restaurant Menu WP plugin <= 1.4.2 - Broken Access Control vulnerability — Best Restaurant Menu by PriceListo (CWE-862) | 4.3 | Medium | 2024-12-31 |
| CVE-2024-38793 | WordPress Best Restaurant Menu by Pricelisto plugin <= 1.4.1 - SQL Injection vulnerability — Best Restaurant Menu by PriceListo (CWE-89) | 8.5 | High | 2024-08-29 |
| CVE-2023-47649 | WordPress Best Restaurant Menu by PriceListo Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF) — Best Restaurant Menu by PriceListo (CWE-352) | 5.4 | Medium | 2023-11-18 |
This page lists every published CVE security advisory associated with PriceListo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.