CVE-2024-13472
Published: 31 January 2025
Summary
CVE-2024-13472 is a high-severity Code Injection (CWE-94) vulnerability in Wcproducttable Woocommerce Product Table. Its CVSS base score is 7.3 (High).
Operationally, ranked in the top 26.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly addresses the core vulnerability by requiring validation of the 'sc_attrs' parameter to prevent arbitrary shortcode execution and reflected XSS.
Ensures timely identification, reporting, and patching of the plugin flaw as recommended in advisories to eliminate the improper input validation issue.
Mitigates the reflected XSS aspect by filtering malicious payloads in outputs derived from the unvalidated 'sc_attrs' parameter.
NVD Description
The The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.9.4. This is due to the software allowing users to execute an action that does not properly validate…
more
a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. The same 'sc_attrs' parameter is vulnerable to Reflected Cross-Site Scripting as well.
Deeper analysisAI
CVE-2024-13472 affects the WooCommerce Product Table Lite plugin for WordPress in all versions up to and including 3.9.4. The vulnerability enables arbitrary shortcode execution due to insufficient validation of the 'sc_attrs' parameter before passing it to the do_shortcode function. Additionally, the same parameter is susceptible to Reflected Cross-Site Scripting (XSS). It has been assigned a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) and maps to CWE-94 (Improper Control of Generation of Code).
Unauthenticated attackers can exploit this vulnerability remotely with low complexity by sending crafted requests containing malicious shortcodes or XSS payloads in the 'sc_attrs' parameter. Successful exploitation of arbitrary shortcode execution could allow attackers to run PHP code or other shortcodes available on the target site, potentially leading to site compromise depending on the site's configuration and installed plugins. The Reflected XSS component enables theft of session cookies or other client-side attacks against site visitors.
Advisories from sources like Wordfence recommend updating to a patched version of the plugin, as indicated by the changeset 3231930 in the plugin's Trac repository, which addresses the validation issue around line 1843 in main.php. Security practitioners should review the plugin's developers page on WordPress.org for the latest stable release and apply updates immediately on affected sites.
Details
- CWE(s)