Stored XSS Vulnerability in Active Products Tables for WooCommerce
CVE-2023-51480

6.5MEDIUM

Key Information:

Vendor: WordPress
Status: Active Products Tables For WooCommerce. Professional Products Tables For WooCommerce Store
Vendor: CVE Published:; 10 February 2024

What is CVE-2023-51480?

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 Active Products Tables for WooCommerce. Professional products tables for WooCommerce store allows Stored XSS.This issue affects Active Products Tables for WooCommerce. Professional products tables for WooCommerce store : from n/a through 1.0.6.

Affected Version(s)

Active Products Tables for WooCommerce. Professional products tables for WooCommerce store <= 1.0.6

References

https://patchstack.com/database/vulnerability/profit-prod...

vdb-entry

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 10, 2024
Vulnerability Reserved
Dec 20, 2023

Credit

LVT-tholv2k (Patchstack Alliance)