Cross-site Scripting Vulnerability in WP Table Builder by WordPress
CVE-2025-55711

6.5MEDIUM

Key Information:

Vendor: WordPress
Status: WP Table Builder
Vendor: CVE Published:; 14 August 2025

What is CVE-2025-55711?

WP Table Builder, a popular tool for creating responsive tables in WordPress, is susceptible to a Cross-site Scripting (XSS) vulnerability that allows for stored attacks. This flaw can enable attackers to inject malicious scripts into web pages that are viewed by other users, potentially compromising sensitive user data and altering the appearance and behavior of the site. It affects all versions from n/a up to 2.0.12, emphasizing the need for immediate updates to the latest version to safeguard against exploitation.

Affected Version(s)

WP Table Builder <= 2.0.12

References

https://patchstack.com/database/wordpress/plugin/wp-table...

vdb-entry

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 14, 2025
Vulnerability Reserved
Aug 14, 2025

Credit

theviper17 (Patchstack Alliance)