Cross-site Scripting Vulnerability in WP Table Builder by WordPress
CVE-2025-32598

6.1MEDIUM

Key Information:

Vendor

WordPress
Status
WP Table Builder
Vendor
CVE Published:
11 April 2025

What is CVE-2025-32598?

WP Table Builder suffers from a reflected Cross-site Scripting (XSS) vulnerability. This security flaw allows attackers to inject malicious scripts into web pages viewed by users, leading to potential data theft, session hijacking, and other malicious activities. The vulnerability affects versions from n/a through 2.0.4, making it crucial for users to update to a patched version to ensure their website's security.

Affected Version(s)

WP Table Builder <= 2.0.4

References

https://patchstack.com/database/wordpress/plugin/wp-table...
vdb-entry

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Peter Thaleikis (Patchstack Alliance)
.
The Cyber Security Vulnerability Database.