CVE-2024-6458 - Vulnerability Details - OpenCVE

The WooCommerce Product Table Lite plugin for WordPress is vulnerable to unauthorized post title modification due to a missing capability check on the wcpt_presets__duplicate_preset_to_table function in all versions up to, and including, 3.5.1. This makes it possible for authenticated attackers with subscriber access and above to change titles of arbitrary posts. Missing sanitization can lead to Stored Cross-Site Scripting when viewed by an admin via the WooCommerce Product Table.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Wcproducttable	Woocommerce Product Table

Configuration 1 [-]

cpe:2.3:a:wcproducttable:woocommerce_product_table:*:*:*:*:lite:wordpress:*:*

No data.

References

Link	Providers
https://plugins.trac.wordpress.org/browser/wc-product-table-lite/trunk/presets/presets.php#L120
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3125858%40wc-product-table-lite&new=3125858%40wc-product-table-lite&sfp_email=&sfph_mail=
https://www.wordfence.com/threat-intel/vulnerabilities/id/e06fb465-4c72-49a8-af35-ff6d629ff9a0?source=cve

History

Wed, 19 Feb 2025 16:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Wcproducttable Wcproducttable woocommerce Product Table
CPEs		cpe:2.3:a:wcproducttable:woocommerce_product_table:::::lite:wordpress::
Vendors & Products		Wcproducttable Wcproducttable woocommerce Product Table

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-07-27T08:36:37.479Z

Updated: 2024-08-01T21:41:03.376Z

Reserved: 2024-07-02T18:41:38.712Z

Link: CVE-2024-6458

Vulnrichment

Updated: 2024-08-01T21:41:03.376Z

NVD

Status : Analyzed

Published: 2024-07-27T09:15:02.123

Modified: 2025-02-19T15:38:25.183

Link: CVE-2024-6458

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-6458", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2024-07-02T18:41:38.712Z", "datePublished": "2024-07-27T08:36:37.479Z", "dateUpdated": "2024-08-01T21:41:03.376Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-07-27T08:36:37.479Z"}, "affected": [{"vendor": "wcproducttable", "product": "WooCommerce Product Table Lite", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "3.5.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The WooCommerce Product Table Lite plugin for WordPress is vulnerable to unauthorized post title modification due to a missing capability check on the wcpt_presets__duplicate_preset_to_table function in all versions up to, and including, 3.5.1. This makes it possible for authenticated attackers with subscriber access and above to change titles of arbitrary posts. Missing sanitization can lead to Stored Cross-Site Scripting when viewed by an admin via the WooCommerce Product Table."}], "title": "WooCommerce Product Table Lite <= 3.5.1 - Missing Authorization to (Subscriber+) Stored Cross-Site Scripting", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e06fb465-4c72-49a8-af35-ff6d629ff9a0?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/wc-product-table-lite/trunk/presets/presets.php#L120"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3125858%40wc-product-table-lite&new=3125858%40wc-product-table-lite&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "baseScore": 6.4, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Lucio S\u00e1"}], "timeline": [{"time": "2024-07-26T00:00:00.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-29T13:41:34.281371Z", "id": "CVE-2024-6458", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-29T17:01:27.086Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:41:03.376Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e06fb465-4c72-49a8-af35-ff6d629ff9a0?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/wc-product-table-lite/trunk/presets/presets.php#L120", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3125858%40wc-product-table-lite&new=3125858%40wc-product-table-lite&sfp_email=&sfph_mail=", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e06fb465-4c72-49a8-af35-ff6d629ff9a0?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/wc-product-table-lite/trunk/presets/presets.php#L120", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3125858%40wc-product-table-lite&new=3125858%40wc-product-table-lite&sfp_email=&sfph_mail=", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:41:03.376Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-6458", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-29T13:41:34.281371Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-29T17:01:24.378Z"}}], "cna": {"title": "WooCommerce Product Table Lite <= 3.5.1 - Missing Authorization to (Subscriber+) Stored Cross-Site Scripting", "credits": [{"lang": "en", "type": "finder", "value": "Lucio S\u00e1"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "wcproducttable", "product": "WooCommerce Product Table Lite", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "3.5.1"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2024-07-26T00:00:00.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e06fb465-4c72-49a8-af35-ff6d629ff9a0?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/wc-product-table-lite/trunk/presets/presets.php#L120"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3125858%40wc-product-table-lite&new=3125858%40wc-product-table-lite&sfp_email=&sfph_mail="}], "descriptions": [{"lang": "en", "value": "The WooCommerce Product Table Lite plugin for WordPress is vulnerable to unauthorized post title modification due to a missing capability check on the wcpt_presets__duplicate_preset_to_table function in all versions up to, and including, 3.5.1. This makes it possible for authenticated attackers with subscriber access and above to change titles of arbitrary posts. Missing sanitization can lead to Stored Cross-Site Scripting when viewed by an admin via the WooCommerce Product Table."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-07-27T08:36:37.479Z"}}}, "cveMetadata": {"cveId": "CVE-2024-6458", "state": "PUBLISHED", "dateUpdated": "2024-08-01T21:41:03.376Z", "dateReserved": "2024-07-02T18:41:38.712Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2024-07-27T08:36:37.479Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wcproducttable:woocommerce_product_table:*:*:*:*:lite:wordpress:*:*", "matchCriteriaId": "FAF71D22-830B-404E-A7BA-AD2DE98D9F13", "versionEndExcluding": "3.8.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The WooCommerce Product Table Lite plugin for WordPress is vulnerable to unauthorized post title modification due to a missing capability check on the wcpt_presets__duplicate_preset_to_table function in all versions up to, and including, 3.5.1. This makes it possible for authenticated attackers with subscriber access and above to change titles of arbitrary posts. Missing sanitization can lead to Stored Cross-Site Scripting when viewed by an admin via the WooCommerce Product Table."}, {"lang": "es", "value": "El complemento WooCommerce Product Table Lite para WordPress es vulnerable a modificaciones no autorizadas del t\u00edtulo de la publicaci\u00f3n debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n wcpt_presets__duplicate_preset_to_table en todas las versiones hasta la 3.5.1 incluida. Esto hace posible que atacantes autenticados con acceso de suscriptor y superior cambien t\u00edtulos de publicaciones arbitrarias. La falta de sanitizaci\u00f3n puede provocar Cross Site Scripting almacenado cuando un administrador los ve a trav\u00e9s de la tabla de productos de WooCommerce."}], "id": "CVE-2024-6458", "lastModified": "2025-02-19T15:38:25.183", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2024-07-27T09:15:02.123", "references": [{"source": "security@wordfence.com", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/browser/wc-product-table-lite/trunk/presets/presets.php#L120"}, {"source": "security@wordfence.com", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3125858%40wc-product-table-lite&new=3125858%40wc-product-table-lite&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e06fb465-4c72-49a8-af35-ff6d629ff9a0?source=cve"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/browser/wc-product-table-lite/trunk/presets/presets.php#L120"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3125858%40wc-product-table-lite&new=3125858%40wc-product-table-lite&sfp_email=&sfph_mail="}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e06fb465-4c72-49a8-af35-ff6d629ff9a0?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}]}