CVE-2024-13472
Published: 31 January 2025
Description
The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.9.4. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. The same 'sc_attrs' parameter is vulnerable to Reflected Cross-Site Scripting as well.
Security Summary
CVE-2024-13472 affects the WooCommerce Product Table Lite plugin for WordPress in all versions up to and including 3.9.4. The vulnerability enables arbitrary shortcode execution due to insufficient validation of the 'sc_attrs' parameter before passing it to the do_shortcode function. Additionally, the same parameter is susceptible to Reflected Cross-Site Scripting (XSS). It has been assigned a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) and maps to CWE-94 (Improper Control of Generation of Code).
Unauthenticated attackers can exploit this vulnerability remotely with low complexity by sending crafted requests containing malicious shortcodes or XSS payloads in the 'sc_attrs' parameter. Successful exploitation of arbitrary shortcode execution could allow attackers to run PHP code or other shortcodes available on the target site, potentially leading to site compromise depending on the site's configuration and installed plugins. The Reflected XSS component enables theft of session cookies or other client-side attacks against site visitors.
Advisories from sources like Wordfence recommend updating to a patched version of the plugin, as indicated by the changeset 3231930 in the plugin's Trac repository, which addresses the validation issue around line 1843 in main.php. Security practitioners should review the plugin's developers page on WordPress.org for the latest stable release and apply updates immediately on affected sites.
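To make the defect class concrete, the following is an added illustration (not the plugin's own code, nor the changeset referenced above): a hypothetical handler that splices a request parameter straight into do_shortcode, beside a hardened version that allowlists attribute names, sanitizes values, and rebuilds the shortcode string itself. The handler names, the `[example_table]` shortcode, and the attribute allowlist are assumptions; the WordPress functions used (`shortcode_parse_atts`, `do_shortcode`, `esc_attr`, `absint`, `sanitize_text_field`, `wp_unslash`, `wp_die`) are real.

```php
<?php
// Added example, not code from the affected plugin. Assumes it runs inside
// WordPress, where the functions called below are defined.

// Vulnerable pattern: the raw 'sc_attrs' value becomes shortcode input with
// no validation. Because the caller controls the text inside the brackets,
// any shortcode registered on the site can be reached, and whatever the
// shortcode echoes back is reflected to the visitor unescaped (the XSS side).
function example_render_table_unsafe() {
    $sc_attrs = isset( $_REQUEST['sc_attrs'] ) ? wp_unslash( $_REQUEST['sc_attrs'] ) : '';
    echo do_shortcode( '[example_table ' . $sc_attrs . ']' );
}

// Hardened pattern: treat 'sc_attrs' as untrusted data, not as markup.
function example_render_table_safe() {
    $raw = isset( $_REQUEST['sc_attrs'] ) ? wp_unslash( $_REQUEST['sc_attrs'] ) : '';

    // Brackets are never valid inside an attribute list we build ourselves;
    // rejecting them stops the value from closing our tag or opening another.
    if ( strpbrk( $raw, '[]' ) !== false ) {
        wp_die( 'Invalid shortcode attributes.', '', array( 'response' => 400 ) );
    }

    // Parse key="value" pairs; shortcode_parse_atts() returns '' when empty.
    $atts = shortcode_parse_atts( $raw );
    if ( ! is_array( $atts ) ) {
        $atts = array();
    }

    // Allowlist of attribute names (assumed for this example) mapped to the
    // sanitizer each one must pass through. Unknown keys are dropped.
    $allowed = array(
        'id'       => 'absint',
        'per_page' => 'absint',
        'columns'  => 'sanitize_text_field',
    );

    $parts = array();
    foreach ( $allowed as $key => $sanitizer ) {
        if ( isset( $atts[ $key ] ) ) {
            $value   = call_user_func( $sanitizer, $atts[ $key ] );
            // esc_attr() encodes quotes, so a value cannot break out of its
            // own attribute and inject further attributes or markup.
            $parts[] = $key . '="' . esc_attr( $value ) . '"';
        }
    }

    // Only the fixed tag name and sanitized, allowlisted attributes reach
    // do_shortcode(); nothing from the request is interpreted as markup.
    echo do_shortcode( '[example_table ' . implode( ' ', $parts ) . ']' );
}
```

The detection angle for operators is the same parameter: requests whose `sc_attrs` value contains `[`, `]` or script-like markup against this plugin's endpoint are worth alerting on while unpatched sites remain.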
Details
- CWE(s)