The WP Table Builder plugin, a popular tool (over 60,000 installs!) for creating tables on your website, has a known XSS security vulnerability.
The vulnerability is caused by insufficient input sanitisation and output escaping (XSS or Cross-Site Scripting). This means the plugin fails to properly clean user provided data before using it, allowing attackers to inject malicious code.
Keep updated with the latest from purely.website
In the default setup, this vulnerability can only be exploited by administrators, but the ability to use and configure the WP Table Builders settings and tables can be extended to contributors.
All versions of WP Table Builder
up to and including 1.4.14 are vulnerable. Please update your version today!
Author: Jamie Moynahan Jamie is the Support Manager at Pipe Ten, being an integral part of the team for well over 10 years. Jamie is a seasoned expert with the intricacies in the fast changing world of website applications, hosting and domain name registration. This broad knowledge is instrumental to the entire customer support experience which purely.website members have come to rely on. Jamie has written and published hundreds of articles about hosting and managing website applications and domain name registration management processes.
