23 matches found
WordPress TableOn plugin <= 1.0.5.1 - SQL Injection vulnerability
SQL Injection vulnerability discovered by hhhai in WordPress Plugin TableOn versions = 1.0.5.1...
CVE-2026-42755 WordPress TableOn plugin <= 1.0.5.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 TableOn posts-table-filterable allows Blind SQL Injection.This issue affects TableOn: from n/a through = 1.0.5.1...
WordPress plugin TableOn SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
EUVD-2026-20040
The TableOn – WordPress Posts Table Filterable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tableonbutton' shortcode in all versions up to and including 1.0.4.4. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes...
CVE-2026-3513
The TableOn – WordPress Posts Table Filterable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tableonbutton' shortcode in all versions up to and including 1.0.4.4. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes...
CVE-2026-3513
CVE-2026-3513 concerns the TableOn – WordPress Posts Table Filterable plugin (
CVE-2026-3513 TableOn – WordPress Posts Table Filterable <= 1.0.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'class' Shortcode Attribute
The TableOn – WordPress Posts Table Filterable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tableonbutton' shortcode in all versions up to and including 1.0.4.4. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes...
CVE-2026-3513 TableOn – WordPress Posts Table Filterable <= 1.0.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'class' Shortcode Attribute
The TableOn – WordPress Posts Table Filterable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tableonbutton' shortcode in all versions up to and including 1.0.4.4. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes...
PT-2026-31075
Name of the Vulnerable Software and Affected Versions TableOn – WordPress Posts Table Filterable plugin versions up to and including 1.0.4.4 Description The TableOn – WordPress Posts Table Filterable plugin is susceptible to Stored Cross-Site Scripting. This is due to insufficient input...
CVE-2025-69316
CVE-2025-69316: RealMag777 TableOn posts-table-filterable has a Reflected XSS in versions up to 1.0.4.2. Root cause: improper input neutralization during web page generation. Impact: reflected cross-site scripting; CVSS base 7.1 (HIGH). Remediation: the vulnerability entry is marked as patched in...
CVE-2025-69316 WordPress TableOn plugin <= 1.0.4.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RealMag777 TableOn posts-table-filterable allows Reflected XSS.This issue affects TableOn: from n/a through = 1.0.4.2...
WordPress TableOn plugin <= 1.0.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via tableon_popup_iframe_button Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via tableonpopupiframebutton Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin TableOn versions = 1.0.4.1...
CVE-2025-60244
CVE-2025-60244 concerns a Basic XSS in the WordPress TableOn plugin (RealMag777 TableOn posts-table-filterable) caused by improper neutralization of script-related HTML tags, enabling code injection. Affected versions are TableOn <= 1.0.4.2 (per initial sources); later entries also reference
CVE-2025-60244 WordPress TableOn plugin <= 1.0.5.1 - Content Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in RealMag777 TableOn posts-table-filterable allows Code Injection.This issue affects TableOn: from n/a through = 1.0.5.1...
WordPress plugin TableOn 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
CVE-2025-5143
The TableOn – WordPress Posts Table Filterable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's tableonpopupiframebutton shortcode in all versions up to, and including, 1.0.4.1 due to insufficient input sanitization and output escaping on user supplied attributes...
CVE-2025-5143
The TableOn – WordPress Posts Table Filterable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's tableonpopupiframebutton shortcode in all versions up to, and including, 1.0.4.1 due to insufficient input sanitization and output escaping on user supplied attributes...
CVE-2025-5143 TableOn – WordPress Posts Table Filterable <= 1.0.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via tableon_popup_iframe_button Shortcode
The TableOn – WordPress Posts Table Filterable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's tableonpopupiframebutton shortcode in all versions up to, and including, 1.0.4.1 due to insufficient input sanitization and output escaping on user supplied attributes...
WordPress TableOn plugin <= 1.0.4.4 - Content Injection vulnerability
Content Injection vulnerability discovered by ch4r0n in WordPress Plugin TableOn versions = 1.0.4.4...
CVE-2025-32592
CVE-2025-32592 : RealMag777 TableOn – WordPress Posts Table Filterable is affected by a Stored XSS due to Improper input neutralization during web page generation . Affected versions: up to 1.0.3 (inclusive). Impact is modeling as stored XSS on pages using the plugin; the vulnerability allows arb...