cbcvebase.
CVE-2024-0797
published 2024-02-05

CVE-2024-0797: The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store plugin for WordPress is vulnerable to unauthorized access of…

PriorityP421medium4.3CVSS 3.1
AVNACLPRLUINSUCNILAN
EPSS
0.42%
34.0th percentile
The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 1.0.6.1. This makes it possible for subscribers and higher to execute functions intended for admin use.

Affected

2 ranges
VendorProductVersion rangeFixed in
pluginuswoot<= 1.0.6.2
realmag777active_products_tables_for_woocommerce_use_constructor_to_create_tables<= 1.0.6.1
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.