Lucene search

CVE-2024-6458 WooCommerce Product Table Lite <= 3.5.1 - Missing Authorization to (Subscriber+) Stored Cross-Site Scripting

🗓️ 27 Jul 2024 08:37:36Reported by WordfenceType

WooCommerce Product Table Lite 3.5.1 Missing Authorization Stored Cross-Site Scriptin

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
Patchstack	WordPress WooCommerce Product Table Lite Plugin <= 3.5.1 is vulnerable to Cross Site Scripting (XSS)	29 Jul 202400:00	–	patchstack
CVE	CVE-2024-6458	27 Jul 202409:15	–	cve
Vulnrichment	CVE-2024-6458 WooCommerce Product Table Lite <= 3.5.1 - Missing Authorization to (Subscriber+) Stored Cross-Site Scripting	27 Jul 202408:36	–	vulnrichment
NVD	CVE-2024-6458	27 Jul 202409:15	–	nvd
RedhatCVE	CVE-2024-6458	23 May 202508:02	–	redhatcve
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (July 22, 2024 to July 28, 2024)	1 Aug 202414:18	–	wordfence

[
  {
    "vendor": "wcproducttable",
    "product": "WooCommerce Product Table Lite",
    "versions": [
      {
        "version": "*",
        "status": "affected",
        "lessThanOrEqual": "3.5.1",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
plugins	www.plugins.trac.wordpress.org/changeset
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/e06fb465-4c72-49a8-af35-ff6d629ff9a0
plugins	www.plugins.trac.wordpress.org/browser/wc-product-table-lite/trunk/presets/presets.php

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

27 Jul 2024 08:36Current

CVSS36.4

EPSS0.00101

CWE-862