3 matches found
CVE-2025-5143
The TableOn – WordPress Posts Table Filterable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's tableonpopupiframebutton shortcode in all versions up to, and including, 1.0.4.1 due to insufficient input sanitization and output escaping on user supplied attributes...
CVE-2025-5143 TableOn – WordPress Posts Table Filterable <= 1.0.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via tableon_popup_iframe_button Shortcode
The TableOn – WordPress Posts Table Filterable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's tableonpopupiframebutton shortcode in all versions up to, and including, 1.0.4.1 due to insufficient input sanitization and output escaping on user supplied attributes...
CVE-2025-5143
CVE-2025-5143 affects TableOn – WordPress Posts Table Filterable (WordPress plugin). A stored XSS vulnerability exists in the tableon_popup_iframe_button shortcode due to insufficient input sanitization and output escaping on user-supplied attributes. Exploitation is possible by authenticated use...