Search criteria
2 vulnerabilities found for Product Table for WooCommerce by CodeAstrology (wooproducttable.com) by codersaiful
CVE-2024-10813 (GCVE-0-2024-10813)
Vulnerability from cvelistv5 – Published: 2024-11-23 03:25 – Updated: 2024-11-26 19:39
VLAI?
Title
Product Table for WooCommerce by CodeAstrology (wooproducttable.com) <= 3.5.1 - Information Exposure
Summary
The Product Table for WooCommerce by CodeAstrology (wooproducttable.com) plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.5.1 via the var_dump_table parameter. This makes it possible for unauthenticated attackers var data.
Severity ?
5.3 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| codersaiful | Product Table for WooCommerce by CodeAstrology (wooproducttable.com) |
Affected:
* , ≤ 3.5.1
(semver)
|
Credits
Nathan
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:codeastrology:woo_product_table:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "woo_product_table",
"vendor": "codeastrology",
"versions": [
{
"lessThanOrEqual": "3.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-10813",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T19:37:27.342127Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T19:39:46.843Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Product Table for WooCommerce by CodeAstrology (wooproducttable.com)",
"vendor": "codersaiful",
"versions": [
{
"lessThanOrEqual": "3.5.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nathan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Product Table for WooCommerce by CodeAstrology (wooproducttable.com) plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.5.1 via the var_dump_table parameter. This makes it possible for unauthenticated attackers var data."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-23T03:25:51.400Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e67f680a-8942-45fa-8458-a27c78045aa1?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woo-product-table/trunk/inc/shortcode-base.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-22T15:10:18.000+00:00",
"value": "Disclosed"
}
],
"title": "Product Table for WooCommerce by CodeAstrology (wooproducttable.com) \u003c= 3.5.1 - Information Exposure"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-10813",
"datePublished": "2024-11-23T03:25:51.400Z",
"dateReserved": "2024-11-04T18:36:39.335Z",
"dateUpdated": "2024-11-26T19:39:46.843Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10813 (GCVE-0-2024-10813)
Vulnerability from nvd – Published: 2024-11-23 03:25 – Updated: 2024-11-26 19:39
VLAI?
Title
Product Table for WooCommerce by CodeAstrology (wooproducttable.com) <= 3.5.1 - Information Exposure
Summary
The Product Table for WooCommerce by CodeAstrology (wooproducttable.com) plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.5.1 via the var_dump_table parameter. This makes it possible for unauthenticated attackers var data.
Severity ?
5.3 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| codersaiful | Product Table for WooCommerce by CodeAstrology (wooproducttable.com) |
Affected:
* , ≤ 3.5.1
(semver)
|
Credits
Nathan
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:codeastrology:woo_product_table:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "woo_product_table",
"vendor": "codeastrology",
"versions": [
{
"lessThanOrEqual": "3.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-10813",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T19:37:27.342127Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T19:39:46.843Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Product Table for WooCommerce by CodeAstrology (wooproducttable.com)",
"vendor": "codersaiful",
"versions": [
{
"lessThanOrEqual": "3.5.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nathan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Product Table for WooCommerce by CodeAstrology (wooproducttable.com) plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.5.1 via the var_dump_table parameter. This makes it possible for unauthenticated attackers var data."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-23T03:25:51.400Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e67f680a-8942-45fa-8458-a27c78045aa1?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woo-product-table/trunk/inc/shortcode-base.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-22T15:10:18.000+00:00",
"value": "Disclosed"
}
],
"title": "Product Table for WooCommerce by CodeAstrology (wooproducttable.com) \u003c= 3.5.1 - Information Exposure"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-10813",
"datePublished": "2024-11-23T03:25:51.400Z",
"dateReserved": "2024-11-04T18:36:39.335Z",
"dateUpdated": "2024-11-26T19:39:46.843Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}