REPORT / 01
Analysis Report · Folder Analysis cache/woo-product-table_5.0.8 → cache/woo-product-table_5.0.9 — CVE-2025-12398
Shared security patch analysis results
02 ·
Lifecycle actions
cancel · resume · skip · regenerate
03 ·
Share this analysis
copy link · embed report
03 ·
CVE Security Analysis & Writeups
ai-generated · per cve
Comprehensive security analysis generated by AI for each confirmed CVE match. Click on a CVE to view the detailed writeup including vulnerability background, technical details, patch analysis, and PoC guide.
CVE-2025-12398
NVD
AI-Generated Analysis
05 ·
Findings
filter · search · paginate
Showing 0 to 0 of 0 results
inc/handle/search-box.php
AI: 1 vulnerabilities
1 true positive
CVE-2025-12398
--- cache/woo-product-table_5.0.8/inc/handle/search-box.php 2025-12-21 09:36:26.854770698 +0000+++ cache/woo-product-table_5.0.9/inc/handle/search-box.php 2025-12-21 09:36:43.911830743 +0000@@ -18,6 +18,7 @@ */ public static $fields; public static function render( Shortcode $shortcode ){ + // return; $behavior = $shortcode->atts['behavior'] ?? ''; // if( $behavior !== 'normal' && ( is_shop() || is_product_taxonomy() || is_product_category() ) ) return; self::$reset_button = "<button class='wpt-query-reset-button' title='" . __('Reset','woo-product-table') . "'> <i class='wpt-spin3'></i></button>"; //end of .search_single @@ -50,7 +51,7 @@ $search_order_placeholder = $config_value['search_box_searchkeyword'] ?? '';//__( 'Search keyword', 'woo-product-table' ); $html_inputBox .= '<div class="search_single_search_by_keyword">';// /.search_single_column $html_inputBox .= '<label class="search_keyword_label single_keyword" for="single_keyword_' . $shortcode->table_id . '">' . $single_keyword . '</label>'; - $html_inputBox .= '<input data-key="s" value="' . $search_keyword . '" class="query-keyword-input-box query_box_direct_value" id="single_keyword_' . $shortcode->table_id . '" value="" placeholder="' . $search_order_placeholder . '"/>'; + $html_inputBox .= '<input data-key="s" value="' . esc_attr( $search_keyword ) . '" class="query-keyword-input-box query_box_direct_value" id="single_keyword_' . $shortcode->table_id . '" value="" placeholder="' . $search_order_placeholder . '"/>'; $html_inputBox .= '</div>';// /.search_single_column }
AI Analysis
Vulnerability Existed: yes
TRUE POSITIVE
Cross-Site Scripting (XSS) - CWE-79 - inc/handle/search-box.php - Line 54
Old Code:
```php
$html_inputBox .= '<input data-key="s" value="' . $search_keyword . '" class="query-keyword-input-box query_box_direct_value" id="single_keyword_' . $shortcode->table_id . '" value="" placeholder="' . $search_order_placeholder . '"/>';
```
Fixed Code:
```php
$html_inputBox .= '<input data-key="s" value="' . esc_attr( $search_keyword ) . '" class="query-keyword-input-box query_box_direct_value" id="single_keyword_' . $shortcode->table_id . '" value="" placeholder="' . $search_order_placeholder . '"/>';
```
Explanation:
The vulnerability was a Reflected/Stored XSS attack. The `$search_keyword` variable was being directly concatenated into an HTML attribute value without proper escaping. An attacker could inject malicious JavaScript by manipulating the search parameter with payloads like `" onload="alert('XSS')` or similar attribute-breaking payloads. The fix applies WordPress's `esc_attr()` function to properly escape the value for safe use in HTML attributes, preventing attribute injection attacks.
CVE Analysis Results:
CVE-2025-12398: Yes
View CVE Description
The Product Table for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search_key' parameter in all versions up to, and including, 5.0.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Showing 1 to 1 of 1 results