CVE-2024-10813

MEDIUM

Product Table for WooCommerce by CodeAstrology <= 3.5.1 - Sensitive Information Exposure via var_dump_table

Title source: llm
STIX 2.1

Description

The Product Table for WooCommerce by CodeAstrology (wooproducttable.com) plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.5.1 via the var_dump_table parameter. This makes it possible for unauthenticated attackers var data.

Scores

CVSS v3 5.3
EPSS 0.0057
EPSS Percentile 42.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-862
Status published
Products (2)
codeastrology/woo_product_table < 3.5.2
codersaiful/Product Table for WooCommerce < 3.5.1
Published Nov 23, 2024
Tracked Since Feb 18, 2026