Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Active Products Tables for WooCommerce. Professional products tables for WooCommerce store  1.0.6

  • Severity: medium-risk
  • Status: Fixed
  • Publication: December 27, 2023

The Active Products Tables for WooCommerce is a plugin for WordPress stores that is vulnerable to a type of security issue called Stored Cross-Site Scripting. This means that people with certain levels of permissions on the store, such as Contributor, could inject malicious code into pages. This malicious code would then execute when someone visits the page, potentially exposing them to harm. The vulnerability affects all versions up to and including 1.0.6 due to the plugin not properly sanitizing user input or escaping output.

Detected in:

Active Products Tables for WooCommerce. Professional products tables for WooCommerce store  fixed vulnerable versions: >= * <= 1.0.6
Active Products Tables for WooCommerce. Use constructor to create tables  fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.