PT-2026-49368 · Wc Product Table · Woocommerce Product Table Lite

Published

2026-06-15

Updated

2026-06-16

CVE-2026-34902

CVSS v3.1

7.1

High

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions WooCommerce Product Table Lite versions prior to 4.6.4

Description Unauthenticated stored Cross Site Scripting (XSS), a flaw that allows an attacker to inject malicious scripts into web pages viewed by other users, exists in the software.

Recommendations Disable the plugin or restrict access to it until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2026-34902

Affected Products

Woocommerce Product Table Lite

PT-2026-49368 · Wc Product Table · Woocommerce Product Table Lite

CVE-2026-34902

Weakness Enumeration

Related Identifiers

Affected Products

References · 3