TablePress WordPress Plugin Vulnerability Affects 700,000+ Sites

A vulnerability in the TablePress WordPress plugin enables attackers to inject malicious scripts that run when someone visits a compromised page. It affects all versions up to and including version 3.2.

TablePress WordPress plugin

The TablePress plugin is used on more than 700,000 websites. It enables users to create and manage tables with interactive features like sorting, pagination, and search.

What Caused The Vulnerability

The problem came from missing input sanitization and output escaping in how the plugin handled the shortcode_debug parameter….