Primary

Context

WP Table Builder WordPress Plugin Incorrect Authorization Vulnerability Allowing Arbitrary Table Creation

Vulnerability

Patched

A vulnerability exists in the WP Table Builder plugin for WordPress, specifically in versions through 2.0.19. The issue arises from an incorrect authorization check in the save_table() function, allowing authenticated attackers with Subscriber-level access and above to create new wptb-table posts. This vulnerability enables unauthorized modification of data by exploiting the flawed authorization mechanism.

Impact

Exploitation of this vulnerability allows for unauthorized data modification, specifically by enabling the creation of arbitrary table posts within the WordPress site.

Remediation

Users can update to version 2.0.20 or a newer patched version to address this vulnerability.

Added: Jan 9, 2026, 8:23 AM

Updated: Jan 9, 2026, 8:23 AM

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

0.6

exploitability

6.1

remediation

7.7

relevance

2.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

0.6

exploitability

6.1

remediation

7.7

relevance

2.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WP Table Builder WordPress Plugin Incorrect Authorization Vulnerability Allowing Arbitrary Table Creation

Vulnerability

Impact

Remediation

Affected Products

WP Table Builder

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating