Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-0797

The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 1.0.6.1. This makes it possible for subscribers and higher to execute functions intended for admin use.

Published

2024-02-05T22:16:05.407

Last Modified

2025-05-15T20:15:31.927

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses

Type: Primary
CWE-862
Type: Secondary
CWE-862

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	pluginus	woot	≤ 1.0.6.2	Yes

References

https://plugins.trac.wordpress.org/changeset/3029488/profit-products-tables-for-woocommerce/trunk?contextall=1&old=3005088&old_path=%2Fprofit-products-tables-for-woocommerce%2Ftrunk Patch ([email protected])
https://www.wordfence.com/threat-intel/vulnerabilities/id/0a94841f-b1dd-44f4-b7a1-65a9fdf7b18d?source=cve Third Party Advisory ([email protected])
https://plugins.trac.wordpress.org/changeset/3029488/profit-products-tables-for-woocommerce/trunk?contextall=1&old=3005088&old_path=%2Fprofit-products-tables-for-woocommerce%2Ftrunk Patch (af854a3a-2127-422b-91ae-364da2661108)
https://www.wordfence.com/threat-intel/vulnerabilities/id/0a94841f-b1dd-44f4-b7a1-65a9fdf7b18d?source=cve Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)