Unauthenticated Function Execution in Active Products Tables for WooCommerce Plugin

Unauthenticated Function Execution in Active Products Tables for WooCommerce Plugin

CVE-2024-0797 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 1.0.6.1. This makes it possible for subscribers and higher to execute functions intended for admin use.

Learn more about our Wordpress Pen Testing.