CVE-2025-5143 – TableOn – WordPress Posts Table Filterable Stored Cross-Site Scripting

June 21, 2025

CVE ID : CVE-2025-5143

Published : June 21, 2025, 7:15 a.m. | 3 hours, 33 minutes ago

Description : The TableOn – WordPress Posts Table Filterable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s tableon_popup_iframe_button shortcode in all versions up to, and including, 1.0.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6401 – TOTOLINK N300RH HTTP POST Message Handler Denial of Service Vulnerability

Next Article CVE-2025-6400 – TOTOLINK N300RH HTTP POST Message Handler Buffer Overflow Vulnerability

Highlights

Development

Open Source MCP: Powering Scalable Test Automation

July 16, 2025

In today’s high-velocity software development world, test automation has become the lifeblood of continuous integration and delivery. However, as testing needs grow more complex, automation tools must evolve to keep pace. One of the most promising innovations in this space is the Model Context Protocol (MCP), a powerful concept that decouples test logic from browser
The post Open Source MCP: Powering Scalable Test Automation appeared first on Codoid.

Coded Smorgasbord: High Strung

Chainguard launches trusted collection of verified JavaScript libraries

CData launches Connect AI to provide agents access to enterprise data sources

PostgreSQL 18 adds asynchronous I/O to improve performance

Distribution Release: Neptune 9.0

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

PHP 8.5.0 RC 1 available for testing

PHP 8.5.0 RC 1 available for testing

Terraform Code Generator Using Ollama and CodeGemma

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Distribution Release: Neptune 9.0

Distribution Release: Neptune 9.0

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

CVE-2025-5143 – TableOn – WordPress Posts Table Filterable Stored Cross-Site Scripting

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

A Guide To Evaluating Your Organizational Product Portfolio

Microsoft Edge may be getting a redesigned New Tab Page powered by Copilot

Introduction to the View Transitions API: A New Era of Seamless Page Navigation

CVE-2025-32952 – Jmix File Size Limitation Dos

Open Source MCP: Powering Scalable Test Automation

CVE-2025-46803 – Screen PTY Escalation of Privilege

CSS FILTERS Explained

CVE-2009-20010 – Dogfood CRM Remote Command Execution Vulnerability

CVE-2025-5143 – TableOn – WordPress Posts Table Filterable Stored Cross-Site Scripting

Related Posts