What the vulnerability does
01Description
Missing Authorization vulnerability in RealMag777 TableOn posts-table-filterable allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TableOn: from n/a through <= 1.0.5.1.
Explanation of Vulnerability in Simple Terms
02Summary
TableOn versions up to 1.0.5.1 lack proper authorization checks, allowing authenticated users to modify or disable functionality they should not have access to. An attacker with low-level credentials can alter data or disrupt service availability. No confidentiality breach occurs, but integrity and availability are at risk. Update to a version newer than 1.0.5.1.
What an attacker can do
03Attacker Capabilities
Modify or disable features and data without proper authorization.
Potential impact on your site
04Site Impact
Authenticated users can alter or disable TableOn features beyond their intended permissions.
Conditions required to exploit
05Prerequisites
Attacker must have a low-level user account on the site.
Key dates
06Disclosure timeline
April 4, 2025
CVE published
April 28, 2026
Record updated