WP-Safety

Active Products Tables for WooCommerce. Use constructor to create tables  Security & Risk Analysis

wordpress.org/plugins/profit-products-tables-for-woocommerce

WooCommerce Active Products Tables - is the WooCommerce Products Table plugin displaying shop products in table format

1K active installs v1.0.8 PHP 7.4+ WP 4.9+ Updated Mar 2, 2026
product-tableproducts-filterproducts-tabletablewoocommerce-product-table
87
A · Safe
CVEs total12
Unpatched0
Last CVEMay 19, 2025
Plugin page Download
Safety Verdict

Is Active Products Tables for WooCommerce. Use constructor to create tables  Safe to Use in 2026?

Generally Safe

Score 87/100

Active Products Tables for WooCommerce. Use constructor to create tables  has a strong security track record. Known vulnerabilities have been patched promptly.

12 known CVEsLast CVE: May 19, 2025Updated 1mo ago
Risk Assessment

The 'profit-products-tables-for-woocommerce' plugin exhibits a concerning security posture, primarily due to its historical vulnerability profile and a significant attack surface with unprotected entry points. While the static analysis reveals no critical or high severity taint flows and a reasonable percentage of SQL queries using prepared statements and properly escaped output, these positive indicators are overshadowed by the plugin's past. The history of 12 known CVEs, including one critical and two high-severity vulnerabilities, coupled with a recent vulnerability dating to May 2025, strongly suggests a recurring pattern of security weaknesses. Common vulnerability types like improper input validation, code injection, missing authorization, and cross-site scripting indicate systemic flaws in how the plugin handles user-supplied data and controls access to its functionalities. The presence of 21 AJAX handlers without authentication checks represents a significant immediate risk, as these endpoints could be exploited by unauthenticated users.

Key Concerns

  • 21 AJAX handlers without auth checks
  • 12 known CVEs (1 critical, 2 high)
  • 1 critical severity flow with unsanitized path
  • 42% of SQL queries not using prepared statements
  • 23% of outputs not properly escaped
Vulnerabilities
12

Active Products Tables for WooCommerce. Use constructor to create tables  Security Vulnerabilities

CVEs by Year

1 CVE in 2022
2022
2 CVEs in 2023
2023
6 CVEs in 2024
2024
3 CVEs in 2025
2025
Patched Has unpatched

Severity Breakdown

Critical
1
High
2
Medium
9

12 total CVEs

CVE-2025-48266medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Active Products Tables for WooCommerce <= 1.0.6.8 - Authenticated (Contributor+) Stored Cross-Site Scripting

May 19, 2025 Patched in 1.0.6.9 (10d)
CVE-2025-1514high · 7.3Improper Input Validation

Active Products Tables for WooCommerce <= 1.0.6.7 - Unauthenticated Arbitrary Filter Call

Mar 25, 2025 Patched in 1.0.6.8 (1d)
CVE-2025-0864medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Active Products Tables for WooCommerce. Use constructor to create tables <= 1.0.6.6 - Reflected Cross-Site Scripting

Feb 17, 2025 Patched in 1.0.6.7 (1d)
CVE-2024-10959high · 7.3Improper Control of Generation of Code ('Code Injection')

Active Products Tables for WooCommerce. Use constructor to create tables <= 1.0.6.5 - Unauthenticated Arbitrary Shortcode Execution via woot_get_smth

Dec 9, 2024 Patched in 1.0.6.6 (1d)
CVE-2024-10168medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Active Products Tables for WooCommerce. Use constructor to create tables <= 1.0.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via woot_button Shortcode

Nov 5, 2024 Patched in 1.0.6.5 (1d)
CVE-2024-35730medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Active Products Tables for WooCommerce. Use constructor to create tables <= 1.0.6.3 - Reflected Cross-Site Scripting

Jun 6, 2024 Patched in 1.0.6.4 (8d)
CVE-2024-32691medium · 6.5Missing Authorization

Active Products Tables for WooCommerce <= 1.0.6.2 - Missing Authorization

Apr 19, 2024 Patched in 1.0.6.3 (6d)
CVE-2024-0797medium · 4.3Missing Authorization

Active Products Tables for WooCommerce. Professional products tables for WooCommerce store <= 1.0.6.1 - Missing Authorization

Jan 31, 2024 Patched in 1.0.6.2 (6d)
CVE-2024-0796medium · 4.3Cross-Site Request Forgery (CSRF)

Active Products Tables for WooCommerce. Professional products tables for WooCommerce store <= 1.0.6.1 - Cross-Site Request Forgery

Jan 31, 2024 Patched in 1.0.6.2 (181d)
CVE-2023-51480medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Active Products Tables for WooCommerce <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

Dec 27, 2023 Patched in 1.0.6.1 (27d)
CVE-2023-51505critical · 9.8Deserialization of Untrusted Data

Active Products Tables for WooCommerce <= 1.0.6 - Unauthenticated PHP Object Injection

Dec 27, 2023 Patched in 1.0.6.1 (27d)
CVE-2022-1916medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Active Products Tables for WooCommerce <= 1.0.4 - Reflected Cross-Site Scripting

Jun 1, 2022 Patched in 1.0.5 (601d)
Code Analysis
Analyzed Mar 16, 2026

Active Products Tables for WooCommerce. Use constructor to create tables  Code Analysis

Dangerous Functions
0
Raw SQL Queries
15
11 prepared
Unescaped Output
80
273 escaped
Nonce Checks
20
Capability Checks
23
File Operations
2
External Requests
0
Bundled Libraries
0

SQL Query Safety

42% prepared26 total queries

Output Escaping

77% escaped353 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

3 flows1 with unsanitized paths
get_columns_data (classes\columns.php:331)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
21 unprotected

Active Products Tables for WooCommerce. Use constructor to create tables  Attack Surface

Entry Points51
Unprotected21

AJAX Handlers 42

authwp_ajax_woot_save_table_column_field_optionclasses\columns-fields-options.php:46
authwp_ajax_woot_get_columns_dataclasses\columns.php:56
authwp_ajax_woot_save_table_column_fieldclasses\columns.php:57
authwp_ajax_woot_create_table_columnclasses\columns.php:58
authwp_ajax_woot_refresh_columns_tableclasses\columns.php:59
authwp_ajax_woot_delete_table_columnclasses\columns.php:60
authwp_ajax_woot_save_filter_field_optionclasses\filter-fields-options.php:56
authwp_ajax_woot_get_predefinition_tableclasses\predefinition.php:46
authwp_ajax_woot_save_table_predefinition_fieldclasses\predefinition.php:47
authwp_ajax_woot_save_settings_fieldclasses\settings.php:47
authwp_ajax_woot_save_table_custom_cssclasses\settings.php:50
authwp_ajax_woot_get_table_custom_cssclasses\settings.php:55
authwp_ajax_woot_get_fields_for_filterclasses\tables-filter.php:30
authwp_ajax_woot_save_fields_for_filterclasses\tables-filter.php:31
authwp_ajax_woot_get_tables_metaclasses\tables-meta.php:82
authwp_ajax_woot_save_table_meta_fieldclasses\tables-meta.php:83
authwp_ajax_woot_create_metaclasses\tables-meta.php:84
authwp_ajax_woot_delete_table_metaclasses\tables-meta.php:85
authwp_ajax_woot_get_tables_optionsclasses\tables-options.php:40
authwp_ajax_woot_save_table_optionclasses\tables-options.php:41
authwp_ajax_woot_create_tableclasses\tables.php:45
authwp_ajax_woot_save_table_fieldclasses\tables.php:46
authwp_ajax_woot_delete_tableclasses\tables.php:47
authwp_ajax_woot_clone_tableclasses\tables.php:48
authwp_ajax_woot_save_vocabulary_fieldclasses\vocabulary.php:63
authwp_ajax_woot_create_vocabulary_fieldclasses\vocabulary.php:64
authwp_ajax_woot_delete_vocabulary_fieldclasses\vocabulary.php:65
authwp_ajax_woot_get_table_dataindex.php:83
noprivwp_ajax_woot_get_table_dataindex.php:84
authwp_ajax_woot_get_smthindex.php:86
noprivwp_ajax_woot_get_smthindex.php:87
authwp_ajax_woot_import_dataindex.php:89
authwp_ajax_woot_woocommerce_get_cart_infoprofiles\woocommerce\woocommerce-cart.php:24
noprivwp_ajax_woot_woocommerce_get_cart_infoprofiles\woocommerce\woocommerce-cart.php:25
authwp_ajax_woot_remove_product_from_cartprofiles\woocommerce\woocommerce-cart.php:27
noprivwp_ajax_woot_remove_product_from_cartprofiles\woocommerce\woocommerce-cart.php:28
authwp_ajax_woot_remove_all_products_from_cartprofiles\woocommerce\woocommerce-cart.php:30
noprivwp_ajax_woot_remove_all_products_from_cartprofiles\woocommerce\woocommerce-cart.php:31
authwp_ajax_woot_update_product_count_in_cartprofiles\woocommerce\woocommerce-cart.php:33
noprivwp_ajax_woot_update_product_count_in_cartprofiles\woocommerce\woocommerce-cart.php:34
authwp_ajax_woot_woocommerce_add_to_cart_someprofiles\woocommerce\woocommerce-cart.php:36
noprivwp_ajax_woot_woocommerce_add_to_cart_someprofiles\woocommerce\woocommerce-cart.php:37

Shortcodes 9

[woot] index.php:81
[woot_button] index.php:82
[woot_popup_iframe_button] index.php:2080
[woot_gallery] index.php:2142
[woot_single_btn] index.php:2196
[woot_cart] profiles\woocommerce\woocommerce-cart.php:123
[woot_reviews] profiles\woocommerce\woocommerce-reviews.php:55
[woot_single] profiles\woocommerce\woocommerce-single.php:95
[woot_drop_down] profiles\woocommerce\woocommerce.php:48
WordPress Hooks 79
actionadmin_initclasses\columns-fields-options.php:20
filterwoot_show_column_field_optionclasses\columns-fields-options.php:23
actionadmin_enqueue_scriptsclasses\columns-fields-options.php:45
actionadmin_enqueue_scriptsclasses\columns.php:29
actionadmin_initclasses\columns.php:30
actionwoot_columns_tableclasses\columns.php:72
actionadmin_initclasses\filter-fields-options.php:20
filterwoot_get_filter_field_optionsclasses\filter-fields-options.php:22
actionadmin_enqueue_scriptsclasses\filter-fields-options.php:55
actionadmin_enqueue_scriptsclasses\predefinition.php:19
actionadmin_initclasses\predefinition.php:20
actionadmin_enqueue_scriptsclasses\settings.php:20
actionadmin_initclasses\settings.php:21
actionadmin_bar_menuclasses\settings.php:61
actionadmin_initclasses\tables-filter.php:17
actionadmin_enqueue_scriptsclasses\tables-filter.php:18
actionadmin_enqueue_scriptsclasses\tables-meta.php:23
actionadmin_initclasses\tables-meta.php:24
filterwoot_table_orderby_select_argsclasses\tables-meta.php:28
actionwoot_meta_tableclasses\tables-meta.php:271
actionadmin_enqueue_scriptsclasses\tables-options.php:13
actionadmin_initclasses\tables-options.php:14
actionwoot_options_columns_tableclasses\tables-options.php:75
actionadmin_initclasses\tables.php:30
actionwoot_admin_tableclasses\tables.php:60
filterwoot_current_langclasses\vocabulary.php:27
actionadmin_enqueue_scriptsclasses\vocabulary.php:37
actionadmin_initclasses\vocabulary.php:38
actionbefore_woocommerce_initindex.php:49
actionadmin_initindex.php:91
actionadmin_enqueue_scriptsindex.php:109
actionadmin_menuindex.php:159
actionwp_print_footer_scriptsindex.php:193
actionwoot_wp_query_argsindex.php:1333
actionwoot_wp_query_argsindex.php:1365
actionwoot_wp_query_argsindex.php:1395
actionwoot_wp_query_argsindex.php:1409
actionwoot_wp_query_argsindex.php:1428
actionwoot_wp_query_argsindex.php:1442
actionwoot_wp_query_argsindex.php:1462
actionwoot_wp_query_argsindex.php:1476
filtertheme_page_templatesindex.php:1775
filtertemplate_includeindex.php:1781
actionadmin_noticesindex.php:1957
actioninitindex.php:2052
actionplugins_loadedindex.php:2053
actionwp_loadedindex.php:2062
actionwoot_default_tablesprofiles\default.php:17
filterwoot_profile_extendprofiles\woocommerce\compatibility.php:13
actionwoot_filter_provider_woofprofiles\woocommerce\compatibility.php:26
actionwoot_filter_provider_mdtfprofiles\woocommerce\compatibility.php:122
actionwoot_include_assetsprofiles\woocommerce\woocommerce-cart.php:39
actionwoot_cartprofiles\woocommerce\woocommerce-cart.php:52
actionwoot_extend_settingsprofiles\woocommerce\woocommerce-cart.php:130
actionwoot_extend_settings_defaultprofiles\woocommerce\woocommerce-cart.php:174
actioninitprofiles\woocommerce\woocommerce-cross-sells.php:20
actioninitprofiles\woocommerce\woocommerce-grouped.php:20
actioninitprofiles\woocommerce\woocommerce-related.php:20
filterwoot_get_woocommerce_reviews_tableprofiles\woocommerce\woocommerce-reviews.php:49
actionwoot_extend_settingsprofiles\woocommerce\woocommerce-single.php:23
actionwoot_extend_settings_defaultprofiles\woocommerce\woocommerce-single.php:56
filterwoot_get_table_single_productprofiles\woocommerce\woocommerce-single.php:79
actionwoot_extend_settingsprofiles\woocommerce\woocommerce-universal.php:72
actionwoot_extend_settings_defaultprofiles\woocommerce\woocommerce-universal.php:103
actioninitprofiles\woocommerce\woocommerce-upsells.php:20
actioninitprofiles\woocommerce\woocommerce-variations.php:20
actionadmin_initprofiles\woocommerce\woocommerce.php:38
actioninitprofiles\woocommerce\woocommerce.php:39
actionwoot_filter_provider_woocommerceprofiles\woocommerce\woocommerce.php:41
filterwoot_extend_optionsprofiles\woocommerce\woocommerce.php:66
filterwoot_table_classesprofiles\woocommerce\woocommerce.php:67
filterwoot_wp_query_argsprofiles\woocommerce\woocommerce.php:99
filterwoot_wp_query_argsprofiles\woocommerce\woocommerce.php:108
filterposts_whereprofiles\woocommerce\woocommerce.php:693
filterposts_whereprofiles\woocommerce\woocommerce.php:730
filterposts_whereprofiles\woocommerce\woocommerce.php:757
filterposts_whereprofiles\woocommerce\woocommerce.php:874
filterposts_whereprofiles\woocommerce\woocommerce.php:907
filterposts_whereprofiles\woocommerce\woocommerce.php:940
Maintenance & Trust

Active Products Tables for WooCommerce. Use constructor to create tables  Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 2, 2026
PHP min version7.4
Downloads73K

Community Trust

Rating96/100
Number of ratings18
Active installs1K
Alternatives

Active Products Tables for WooCommerce. Use constructor to create tables  Alternatives

Product Table for WooCommerce – Add Multiple Products to Cart

Product Table for WooCommerce – Add Multiple Products to Cart

multiple-products-to-cart-for-woocommerce

A
100

A truly lightweight EASY to use and super FAST WooCommerce product table solution to add multiple products to cart at once.

400 No CVEs
Free Woocommerce Product Table View – Woo Table Pro

Free Woocommerce Product Table View – Woo Table Pro

free-product-table-for-woocommerce

D
43

Free WooCommerce Product Table View - Woo Table Pro is the plugin you need to ist your WooCommerce products in a table. With many fields available, yo &hellip;

100 2 unpatched
Product Table and List Builder for WooCommerce Lite

Product Table and List Builder for WooCommerce Lite

wc-product-table-lite

A
88

Show your WooCommerce products in beautiful table and list layout with ease. Improves shopping experience for your customers and increases sales.

10K 9 CVEs
Product Table for WooCommerce

Product Table for WooCommerce

woo-product-table

A
90

Helps you to display your products in a searchable table layout with filters.

6K 4 CVEs
Product Table for WooCommerce by WBW

Product Table for WooCommerce by WBW

woo-product-tables

A
94

Show your products in the searchable and sortable product table. WooCommerce product listings and flexible order forms with WBW Product Table

2K 4 CVEs
Developer Profile

Active Products Tables for WooCommerce. Use constructor to create tables  Developer Profile

RealMag777

12 plugins · 188K total installs

66
trust score
Avg Security Score
82/100
Avg Patch Time
209 days
View full developer profile
Detection Fingerprints

How We Detect Active Products Tables for WooCommerce. Use constructor to create tables 

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/profit-products-tables-for-woocommerce/assets/css/woot-admin-styles.css/wp-content/plugins/profit-products-tables-for-woocommerce/assets/css/woot-frontend-styles.css/wp-content/plugins/profit-products-tables-for-woocommerce/assets/js/woot-admin.js/wp-content/plugins/profit-products-tables-for-woocommerce/assets/js/woot-frontend.js
Script Paths
/wp-content/plugins/profit-products-tables-for-woocommerce/assets/js/woot-admin.js/wp-content/plugins/profit-products-tables-for-woocommerce/assets/js/woot-frontend.js
Version Parameters
profit-products-tables-for-woocommerce/assets/css/woot-admin-styles.css?ver=profit-products-tables-for-woocommerce/assets/css/woot-frontend-styles.css?ver=profit-products-tables-for-woocommerce/assets/js/woot-admin.js?ver=profit-products-products-tables-for-woocommerce/assets/js/woot-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
woot-admin-tablewoot-table
HTML Comments
<!--profit-products-tables-for-woocommerce--><!-- woo-products-table -->
Data Attributes
data-table_iddata-table_datadata-per_pagedata-per_page_sel_ppdata-use_flow_headerdata-compact_view_width+4 more
JS Globals
WOOT_GLOBAL_AJAX_URLWOOT_GLOBAL_ADMIN_AJAX_URLWOOT_GLOBAL_LANG
REST Endpoints
/wp-json/woot/v1/get_table_data/wp-json/woot/v1/get_smth/wp-json/woot/v1/import_data
Shortcode Output
[woot[woot_button
FAQ

Frequently Asked Questions about Active Products Tables for WooCommerce. Use constructor to create tables