CVE-2023-51505

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 29, 2023

Updated: Feb 15, 2024

CWE ID 502

Summary

CVE-2023-51505 is a Deserialization of Untrusted Data vulnerability affecting the Active Products Tables for WooCommerce, a professional plugin used in WooCommerce stores. This issue allows an attacker to deserialize untrusted data, potentially leading to arbitrary code execution. The vulnerability impacts versions of the plugin from n/a to 1.0.6, and store owners are urged to upgrade to a patched version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/t3uuAx
https://www.cve.org/CVERecord?id=CVE-2023-51505
https://nvd.nist.gov/vuln/detail/CVE-2023-51505

Back to Vulnerability Database

CVE-2023-51505

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations