CVE-2023-51505

CRITICAL

Pluginus Woot < 1.0.6 - Insecure Deserialization

Title source: rule

Description

Deserialization of Untrusted Data vulnerability in realmag777 Active Products Tables for WooCommerce. Professional products tables for WooCommerce store.This issue affects Active Products Tables for WooCommerce. Professional products tables for WooCommerce store : from n/a through 1.0.6.

References (1)

[Third Party Advisory] https://patchstack.com/database/vulnerability/profit-products-tables-for-woocommerce/wordpress-active-products-tables-for-woocommerce-plugin-1-0-6-unauthenticated-php-object-injection-vulnerability?_s_id=cve

Scores

CVSS v3 10.0

EPSS 0.0063

EPSS Percentile 70.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Classification

CWE

CWE-502

Status published

Affected Products (1)

pluginus/woot < 1.0.6

Timeline

Published Dec 29, 2023

Tracked Since Feb 18, 2026