CVE-2025-13753: CWE-863 Incorrect Authorization in wptb WP Table Builder – Drag & Drop Table Builder
CVE-2025-13753 is a medium-severity vulnerability in the WP Table Builder – Drag & Drop Table Builder WordPress plugin, affecting all versions up to and including 2.0.19. It involves a missing authorization check in the save_table() function, allowing any authenticated user with Subscriber-level access or higher to create new wptb-table posts without the capability that such a write should require. This flaw does not impact confidentiality or availability but allows unauthorized data modification, potentially leading to content manipulation or defacement. Exploitation requires no user interaction beyond authentication, and no known exploits are currently in the wild. European organizations using this plugin on WordPress sites are at risk of unauthorized content changes, which could affect website integrity and trust. Mitigation involves updating the plugin once a patch is available; until then, the practical interim lever is limiting who can obtain a Subscriber account (for example by disabling open registration) and guarding wptb-table writes outside the plugin, since the vulnerable function does not consult the Subscriber role's capabilities at all. Countries with high WordPress adoption and significant use of this plugin, such as Germany, the UK, France, and the Netherlands, are more likely to be affected. Given the medium CVSS score and the nature of the vulnerability, organizations should prioritize monitoring and access control improvements to reduce risk.
AI Analysis
Technical Summary
CVE-2025-13753 is a vulnerability classified under CWE-863 (Incorrect Authorization) found in the WP Table Builder – Drag & Drop Table Builder plugin for WordPress. The issue lies in the save_table() function, which fails to verify that the calling user holds a capability appropriate for creating content before it creates a new wptb-table post. In WordPress terms this is the classic gap between authentication and authorization: a handler reachable by any logged-in user (for example through an admin-ajax.php or REST route) must still call current_user_can() with a capability such as edit_posts, and this one does not. This flaw affects all plugin versions up to and including 2.0.19. An attacker with authenticated access at the Subscriber level or higher can exploit this vulnerability to create unauthorized table posts, effectively modifying site content without proper authorization. The vulnerability does not require user interaction beyond authentication and can be exploited remotely over the network. The CVSS 3.1 base score is 4.3 (medium); the metrics described here, network attack vector, low attack complexity, low privileges required, no user interaction, and a low integrity impact with no confidentiality or availability impact, correspond to the vector AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N, which evaluates to exactly 4.3. While no known exploits are currently reported in the wild, the vulnerability poses a risk to the integrity of affected WordPress sites, potentially allowing attackers to manipulate displayed data or inject misleading information. The lack of a patch at the time of reporting necessitates interim risk management strategies. This vulnerability is particularly relevant for websites relying on the WP Table Builder plugin for content management, as unauthorized table creation could lead to misinformation, defacement, or reputational damage.
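The following is an added illustration of the CWE-863 pattern described above in a generic WordPress AJAX handler, not code from WP Table Builder or from Wordfence's advisory. The hook names, the example_ function names, the request parameters and the use of the wptb-table post type are assumptions chosen to mirror the described behaviour; the vulnerable variant shows a handler that relies on the wp_ajax_ hook alone (which only proves the caller is logged in), and the hardened variant adds the nonce and capability checks that turn authentication into authorization.

```php
<?php
/**
 * Added illustration of CWE-863 in a WordPress AJAX save handler.
 * NOT WP Table Builder's code: hook names, function names, parameters
 * and the 'wptb-table' post type usage below are assumptions.
 */

// --- Vulnerable pattern: any logged-in user reaches the handler. ---
// wp_ajax_{action} fires for every authenticated user regardless of role,
// so the hook alone is an authentication check, not an authorization check.
add_action( 'wp_ajax_example_save_table', 'example_save_table_vulnerable' );

function example_save_table_vulnerable() {
    // No capability check: a Subscriber (who holds only 'read') lands here too.
    $title   = sanitize_text_field( wp_unslash( $_POST['title'] ?? '' ) );
    $post_id = wp_insert_post( array(
        'post_type'   => 'wptb-table',
        'post_title'  => $title,
        'post_status' => 'publish',
    ) );
    wp_send_json_success( array( 'id' => $post_id ) );
}

// --- Hardened pattern: nonce + capability before any write. ---
add_action( 'wp_ajax_example_save_table_safe', 'example_save_table_safe' );

function example_save_table_safe() {
    // CSRF protection: the nonce must have been issued to this user for this action.
    check_ajax_referer( 'example_save_table', 'nonce' );

    // Authorization: require the capability the post type itself demands
    // (falls back to edit_posts). Subscribers are rejected here.
    $post_type = get_post_type_object( 'wptb-table' );
    $required  = $post_type ? $post_type->cap->edit_posts : 'edit_posts';
    if ( ! current_user_can( $required ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }

    // Object-level check for updates: editing someone else's table
    // resolves through the edit_post meta capability.
    $table_id = absint( $_POST['table_id'] ?? 0 );
    if ( $table_id && ! current_user_can( 'edit_post', $table_id ) ) {
        wp_send_json_error( array( 'message' => 'Cannot edit this table.' ), 403 );
    }

    $title = sanitize_text_field( wp_unslash( $_POST['title'] ?? '' ) );
    $args  = array(
        'post_type'   => 'wptb-table',
        'post_title'  => $title,
        'post_status' => 'publish',
    );
    if ( $table_id ) {
        $args['ID'] = $table_id;
    }
    $post_id = wp_insert_post( $args, true );
    if ( is_wp_error( $post_id ) ) {
        wp_send_json_error( array( 'message' => $post_id->get_error_message() ), 500 );
    }
    wp_send_json_success( array( 'id' => $post_id ) );
}
```

The two checks are independent: check_ajax_referer() alone would still let a Subscriber who can obtain a nonce (any logged-in user can, for actions exposed to them) create tables, and current_user_can() alone would leave the write open to cross-site request forgery. A fix for this class of bug needs both, and the capability tested should be the one the post type registers rather than a hard-coded string, so that site-specific role customisations are honoured.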
Potential Impact
For European organizations, this vulnerability primarily threatens the integrity of website content managed via the WP Table Builder plugin. Unauthorized creation of table posts can lead to misinformation, defacement, or insertion of malicious content that could mislead users or damage brand reputation. While confidentiality and availability are not directly impacted, the trustworthiness and reliability of affected websites could be compromised. Organizations in sectors such as e-commerce, media, education, and government that rely on WordPress sites with this plugin may face reputational harm and potential loss of customer confidence. Additionally, attackers could leverage this vulnerability as a foothold for further attacks if combined with other vulnerabilities or social engineering tactics. The medium severity score suggests a moderate risk level, but the ease of exploitation by low-privilege authenticated users increases the likelihood of exploitation in environments with weak user access controls.
Mitigation Recommendations
1. Monitor the WP Table Builder plugin vendor announcements closely and apply security patches immediately once available.
2. Until a patch is released, reduce the pool of users who can reach the vulnerable handler: disable open self-registration (Settings → General → "Anyone can register", or the users_can_register option) if it is not needed, and remove or disable stale Subscriber accounts. Note that tightening the Subscriber role's own capabilities does not help here, because save_table() never consults them; the check has to be added outside the plugin (for example a must-use plugin that refuses wptb-table writes from users lacking edit_posts) or supplied by the vendor patch.
3. Implement strict user access controls and audit user roles to ensure only trusted users hold Subscriber-level or higher access, and that higher roles are assigned sparingly.
4. Employ web application firewalls (WAFs) with custom rules to detect and block requests from low-privilege accounts to the AJAX action or REST route that dispatches to save_table(); the exact action name is plugin-specific, so confirm it from the installed plugin's source before writing the rule.
5. Regularly audit website content for unauthorized changes, especially new wptb-table posts created by accounts that should not be able to edit content.
6. Educate site administrators and content managers about this vulnerability and encourage vigilance regarding unusual site behavior.
7. Consider disabling or replacing the WP Table Builder plugin with alternatives that have a stronger security track record if immediate patching is not feasible.
8. Maintain comprehensive backups of website content to enable rapid restoration in case of unauthorized modifications.
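As an added example of recommendations 2 and 5 above, this is an interim must-use plugin written for this page, not code from WP Table Builder or its vendor. It assumes the plugin creates tables with wp_insert_post() under the wptb-table post type named in the advisory (so the write passes through the core wp_insert_post_empty_content filter), and the guard_ and audit_ function names are mine. The first function blocks wptb-table writes from users without edit_posts regardless of how the plugin's handler was reached; the second lists existing tables whose author lacks that capability, which is the artefact an exploitation of this bug would leave behind.

```php
<?php
/**
 * Plugin Name: Interim guard for unauthorized wptb-table creation
 * Description: Drop this file into wp-content/mu-plugins/ until the plugin is patched.
 *
 * Added example, not WP Table Builder's or its vendor's code. Assumes the
 * plugin creates tables with wp_insert_post() under post type 'wptb-table'.
 */

// Returning true from this core filter makes wp_insert_post() abort the write
// (it returns 0, or a WP_Error when called with $wp_error = true), so it acts
// as a last-line authorization check independent of the plugin's own handler.
add_filter( 'wp_insert_post_empty_content', 'guard_wptb_table_insert', 10, 2 );

function guard_wptb_table_insert( $maybe_empty, $postarr ) {
    if ( ( $postarr['post_type'] ?? '' ) !== 'wptb-table' ) {
        return $maybe_empty;
    }
    // Creating or updating a table should require at least edit_posts;
    // Subscribers hold only 'read'. WP-CLI runs without a user unless
    // --user is given, so unattended admin tooling is allowed explicitly.
    if ( ( defined( 'WP_CLI' ) && WP_CLI ) || current_user_can( 'edit_posts' ) ) {
        return $maybe_empty;
    }
    error_log( sprintf(
        'wptb guard: blocked wptb-table write by user %d from %s',
        get_current_user_id(),
        $_SERVER['REMOTE_ADDR'] ?? 'unknown'
    ) );
    return true; // abort the insert
}

// Audit helper: wptb-table posts whose author cannot edit posts.
// Run with: wp eval 'print_r( audit_wptb_tables_by_low_priv_authors() );'
function audit_wptb_tables_by_low_priv_authors() {
    $suspicious = array();
    $query      = new WP_Query( array(
        'post_type'      => 'wptb-table',
        'post_status'    => 'any',
        'posts_per_page' => -1,
        'fields'         => 'ids',
    ) );
    foreach ( $query->posts as $post_id ) {
        $author_id = (int) get_post_field( 'post_author', $post_id );
        if ( ! user_can( $author_id, 'edit_posts' ) ) {
            $suspicious[] = array(
                'post_id' => $post_id,
                'author'  => $author_id,
                'created' => get_post_field( 'post_date_gmt', $post_id ),
            );
        }
    }
    return $suspicious;
}
```

Two caveats when reading the audit output: user_can() returns false for a deleted user, so tables whose author was later removed or demoted show up as well and need a manual look at post_date_gmt against the account history; and the guard only helps if the plugin's save path does go through wp_insert_post(), which you should confirm in the installed plugin's source before relying on it as the sole interim control. Once the vendor patch is applied, the must-use plugin should be removed so that the plugin's own capability mapping governs the post type.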
Affected Countries
Germany, United Kingdom, France, Netherlands, Italy, Spain
Technical Details
- Data Version: 5.2
- Assigner Short Name: Wordfence
- Date Reserved: 2025-11-26T18:34:46.579Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 6960b130ecefc3cd7c0f7cf7
Added to database: 1/9/2026, 7:41:36 AM
Last enriched: 1/16/2026, 10:05:27 AM
Last updated: 2/4/2026, 5:29:23 AM