46 matches found
CVE-2023-47519 WordPress WooCommerce Product Table Lite Plugin <= 2.6.2 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in WC Product Table WooCommerce Product Table Lite.This issue affects WooCommerce Product Table Lite: from n/a through 2.6.2...
CVE-2023-47519 WordPress WooCommerce Product Table Lite Plugin <= 2.6.2 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in WC Product Table WooCommerce Product Table Lite.This issue affects WooCommerce Product Table Lite: from n/a through 2.6.2...
WordPress Plugin WooCommerce Product Table Lite Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...
WordPress WooCommerce Product Table Lite Plugin <= 2.6.2 is vulnerable to Cross Site Request Forgery (CSRF)
Software WooCommerce Product Table Lite Type Plugin Vulnerable versions = 2.6.2 Fixed in 3.1.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-47519 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID b542742e54f8 Credits...
WooCommerce Product Table Lite < 2.4.0 - Reflected Cross-Site Scripting
The plugin does not escape the pricerangemin and pricerangemax parameters before outputting them back in attributes, leading a Reflected Cross-Site Scripting issue PoC On a page where there is a Product Table with a Price filter, append the following payload to the min and max price...
CVE-2021-34659 Plugmatter Pricing Table Lite <= 1.0.32 Reflected Cross-Site Scripting
The Plugmatter Pricing Table Lite WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the email parameter in the /license.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.32...