Skip to main content

Woocommerce Product Table Lite

2 CVEs product

Monthly

CVE-2026-34902 HIGH This Week

Reflected/stored cross-site scripting in the WooCommerce Product Table Lite WordPress plugin (versions ≤ 4.6.3) allows remote unauthenticated attackers to inject malicious JavaScript that executes in a victim's browser when they interact with a crafted link or page. Successful exploitation can lead to session hijacking, credential theft, or administrative actions performed in the context of an authenticated WordPress user, including site administrators. No public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV, but the unauthenticated attack surface combined with WordPress's broad install base makes this a meaningful risk for sites running the plugin.

WordPress XSS Woocommerce Product Table Lite
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-47519 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in WC Product Table WooCommerce Product Table Lite.6.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Woocommerce Product Table Lite
NVD
CVSS 3.1
4.3
EPSS
0.1%
EPSS 0% CVSS 7.1
HIGH This Week

Reflected/stored cross-site scripting in the WooCommerce Product Table Lite WordPress plugin (versions ≤ 4.6.3) allows remote unauthenticated attackers to inject malicious JavaScript that executes in a victim's browser when they interact with a crafted link or page. Successful exploitation can lead to session hijacking, credential theft, or administrative actions performed in the context of an authenticated WordPress user, including site administrators. No public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV, but the unauthenticated attack surface combined with WordPress's broad install base makes this a meaningful risk for sites running the plugin.

WordPress XSS Woocommerce Product Table Lite
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in WC Product Table WooCommerce Product Table Lite.6.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Woocommerce Product Table Lite
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy