CVE-2025-1514

by Fred · 26/03/2025

The Active Products Tables for WooCommerce. Use constructor to create tables plugin for WordPress is vulnerable to unauthorized filter calling due to insufficient restrictions on the get_smth() function in all versions up to, and including, 1.0.6.7. This makes it possible for unauthenticated attackers to call arbitrary WordPress filters with a single parameter.

Assigner : cve-request@wordfence.com

More information : https://plugins.trac.wordpress.org/browser/profit-products-tables-for-woocommerce/trunk/index.php#L1753

CVE-2025-1514

Similar

Recent Posts

Categories

CVE-2025-1514

Share this:

Similar

Recent Posts

Categories

Tags