CVE-2023-51505

CRITICAL

Pluginus Woot < 1.0.6 - Insecure Deserialization

Title source: rule

Description

Deserialization of Untrusted Data vulnerability in realmag777 Active Products Tables for WooCommerce. Professional products tables for WooCommerce store.This issue affects Active Products Tables for WooCommerce. Professional products tables for WooCommerce store : from n/a through 1.0.6.

References (1)

Core 1

Core References

Third Party Advisory vdb-entry

https://patchstack.com/database/vulnerability/profit-products-tables-for-woocommerce/wordpress-active-products-tables-for-woocommerce-plugin-1-0-6-unauthenticated-php-object-injection-vulnerability?_s_id=cve

Scores

CVSS v3 10.0

EPSS 0.0065

EPSS Percentile 46.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-502

Status published

Products (2)

pluginus/woot < 1.0.6

realmag777/Active Products Tables for WooCommerce. Professional products tables for WooCommerce store < 1.0.6

Published Dec 29, 2023

Tracked Since Feb 18, 2026