🔎 Have you found a vulnerability in a WordPress plugin or theme? Report vulnerabilities in WordPress plugins and themes through our bug bounty program and earn a bounty on all in-scope submissions, while we handle the responsible disclosure process on your behalf.

Tablesome – Responsive Table, Woocommerce Automation, Email Log, Form Automation – Contact Form 7, Elementor, WPForms, Forminator

Wordfence Intelligence > Vulnerability Database > WordPress Plugins > Tablesome – Responsive Table, Woocommerce Automation, Email Log, Form Automation – Contact Form 7, Elementor, WPForms, Forminator

Information

Software Type	Plugin
Software Slug	tablesome (view on wordpress.org)
Software Status	Active
Software Author	essekia
Software Website	tablesomewp.com
Software Downloads	214,046
Software Active Installs	9,000
Software Record Last Updated	July 27, 2024

6 Vulnerabilities

Table & Contact Form 7 Database – Tablesome <= 1.0.33 - Unauthenticated Sensitive Information Exposure

5.3

CVE-2024-37498

Jul 4, 2024

Researcher: Peng Zhou

Table & Contact Form 7 Database – Tablesome <= 1.0.25 - Cross-Site Request Forgery

4.3

CVE-2024-31388

Apr 10, 2024

Researcher: thiennv

Table & Contact Form 7 Database – Tablesome <= 1.0.27 - Reflected Cross-Site Scripting

6.1

CVE-2024-29110

Mar 16, 2024

Researcher: Jean Tirstan T

Freemius SDK <= 2.5.9 - Reflected Cross-Site Scripting via fs_request_get

6.1

CVE-2023-33999

Jul 18, 2023

Researcher: Rafie Muhammad

Tablesome <= 1.0.8 - Reflected Cross-Site Scripting

6.1

CVE-2023-1890

Apr 19, 2023

Researcher: Taurus Omar

Freemius SDK <= 2.4.2 - Missing Authorization Checks

6.3

CVE ID Unknown

Mar 4, 2022

Researchers:

Title	Status	CVE ID	CVSS	Researchers	Date
Table & Contact Form 7 Database – Tablesome <= 1.0.33 - Unauthenticated Sensitive Information Exposure	Patched	CVE-2024-37498	5.3	Peng Zhou	July 4, 2024
Table & Contact Form 7 Database – Tablesome <= 1.0.25 - Cross-Site Request Forgery	Patched	CVE-2024-31388	4.3	thiennv	April 10, 2024
Table & Contact Form 7 Database – Tablesome <= 1.0.27 - Reflected Cross-Site Scripting	Patched	CVE-2024-29110	6.1	Jean Tirstan T	March 16, 2024
Freemius SDK <= 2.5.9 - Reflected Cross-Site Scripting via fs_request_get	Patched	CVE-2023-33999	6.1	Rafie Muhammad	July 18, 2023
Tablesome <= 1.0.8 - Reflected Cross-Site Scripting	Patched	CVE-2023-1890	6.1	Taurus Omar	April 19, 2023
Freemius SDK <= 2.4.2 - Missing Authorization Checks	Patched		6.3		March 4, 2022

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation