CVE-2023-51505 | Deserialization of Untrusted Data vulnerability in realmag77… | CVSS 10.0 CRITICAL

Description

Deserialization of Untrusted Data vulnerability in realmag777 Active Products Tables for WooCommerce. Professional products tables for WooCommerce store.This issue affects Active Products Tables for WooCommerce. Professional products tables for WooCommerce store : from n/a through 1.0.6.

Metadata

CVE ID: CVE-2023-51505
State: PUBLISHED
Assigner: Patchstack
Reserved: 2023-12-20 15:33 UTC
Published: 2023-12-29 12:51 UTC
Last updated: 2026-04-28 16:09 UTC
Primary CWE: CWE-502
CWE-502 Deserialization of Untrusted Data
Vendor / Product: realmag777 / Active Products Tables for WooCommerce. Professional products tables for WooCommerce store
Sources: cve.org · NVD

Severity & Metrics

10.0 CRITICAL CVSS 3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

SSVC — CISA Coordinator

Exploitation: none
Automatable: yes
Tech. Impact: total

Affected products (1)

Vendor	Product	Platform	Versions
realmag777	Active Products Tables for WooCommerce. Professional products tables for WooCommerce store	—	n/a ≤ 1.0.6

Weakness (CWE)

CWE	Source	Description
CWE-502	cna	CWE-502 Deserialization of Untrusted Data

CVSS scores (1)

Score	Severity	Version	Source	Vector
10.0	CRITICAL	3.1	cna	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

References (1)

https://patchstack.com/database/vulnerability/profit-products-tables-for-woocommerce/wordpress-active-products-tables-for-woocommerce-plugin-1-0-6-unauthenticated-php-object-injection-vulnerability?_s_id=cve