CVE-2023-51480

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Feb 10, 2024

Updated: Feb 15, 2024

CWE ID 79

Summary

CVE-2023-51480 is a Cross-site Scripting (XSS) vulnerability affecting the Active Products Tables for WooCommerce by realmag777. This professional plugin, used for managing products in WooCommerce stores, contains an improper neutralization of input during web page generation. An attacker can exploit this flaw to inject malicious scripts into web pages viewed by other users. The vulnerability has been identified in versions 1.0.1 through 1.0.6. Store owners using these affected versions should apply the necessary security updates promptly to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/t3urjv
https://www.cve.org/CVERecord?id=CVE-2023-51480
https://nvd.nist.gov/vuln/detail/CVE-2023-51480

Back to Vulnerability Database

CVE-2023-51480

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations