PT-2024-16570 · Codeastrology · The Product Table For Woocommerce
Nathan
+1
·
Published
2024-11-22
·
Updated
2025-07-12
·
CVE-2024-10813
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
The Product Table for WooCommerce by CodeAstrology plugin for WordPress versions up to, and including, 3.5.1
Description
The issue allows unauthenticated attackers to expose sensitive information via the
var dump table parameter. This makes it possible for attackers to access sensitive data.Recommendations
For versions up to, and including, 3.5.1, update to a version later than 3.5.1 to resolve the issue.
As a temporary workaround, consider restricting access to the
var dump table parameter until a patch is available.Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
The Product Table For Woocommerce