Log out
Get PRO

Latest

Input validation vulnerability in TablePress – Tables in WordPress made easy 2.4.2

  • Severity: high-risk
  • Status: Open
  • Publication: October 7, 2024

A tool used to keep files safe from harmful attacks called XXE can be avoided by making small changes to the way the file is organized. This can happen on servers that let people upload their own Excel documents. This means that important server files and private information can be seen by others if a specific file is created.

Detected in:

Advanced Contact form 7 DB fixed vulnerable versions: >= * <= 2.0.5
Advanced Order Export For WooCommerce fixed vulnerable versions: >= * <= 3.6.0
Import Users & Customers | Export Users with Excel for WordPress & WooCommerce fixed vulnerable versions: >= * <= 1.5
Product Excel Import & Export for WooCommerce fixed vulnerable versions: >= * <= 5.9
Products Stock Manager with Excel for WooCommerce Inventory fixed vulnerable versions: >= * <= 1.8
TablePress – Tables in WordPress made easy fixed vulnerable versions:
Visualizer: Tables and Charts Manager for WordPress fixed vulnerable versions: >= * <= 3.11.6
Product Excel Import Export & Bulk Edit for WooCommerce open vulnerable versions: >= * <= 4.6

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.