Active Products Tables For Woocommerce
Monthly
DOM-based cross-site scripting affects the RealMag777 "Active Products Tables for WooCommerce" WordPress plugin (slug profit-products-tables-for-woocommerce) in all versions through 1.1.0, letting a remote attacker deliver crafted input that is unsafely written into the DOM and executed as script in a victim's browser. Because the CVSS scope is changed (S:C) and no authentication is required (PR:N), successful exploitation can affect resources beyond the vulnerable component, though it requires the victim to interact with an attacker-influenced page or link (UI:R). There is no public exploit identified at time of analysis and it is not listed in CISA KEV; no EPSS score was supplied.
The Active Products Tables for WooCommerce. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
DOM-based cross-site scripting affects the RealMag777 "Active Products Tables for WooCommerce" WordPress plugin (slug profit-products-tables-for-woocommerce) in all versions through 1.1.0, letting a remote attacker deliver crafted input that is unsafely written into the DOM and executed as script in a victim's browser. Because the CVSS scope is changed (S:C) and no authentication is required (PR:N), successful exploitation can affect resources beyond the vulnerable component, though it requires the victim to interact with an attacker-influenced page or link (UI:R). There is no public exploit identified at time of analysis and it is not listed in CISA KEV; no EPSS score was supplied.
The Active Products Tables for WooCommerce. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.