Title: Vulnerability Found
Last modified: October 1, 2022

---

# Vulnerability Found

 *  Resolved [itsjeffersonli](https://wordpress.org/support/users/itsjeffersonli/)
 * (@itsjeffersonli)
 * [3 years, 7 months ago](https://wordpress.org/support/topic/vulnerability-found-6/)
 * Hello Tobias Bäthge,
 * I recently found a vulnerability in your Table Press Login can we chat personally
   via email so i can show the proof of concept to you thank you =)

Viewing 4 replies - 1 through 4 (of 4 total)

 *  Moderator [Yui](https://wordpress.org/support/users/fierevere/)
 * (@fierevere)
 * 永子
 * [3 years, 7 months ago](https://wordpress.org/support/topic/vulnerability-found-6/#post-16060501)
 * [@itsjeffersonli](https://wordpress.org/support/users/itsjeffersonli/)
    Please
   do not open any details publicly, consider using this topic only to obtain author
   contacts.
 * Or you can use [https://developer.wordpress.org/plugins/wordpress-org/plugin-security/reporting-plugin-security-issues/](https://developer.wordpress.org/plugins/wordpress-org/plugin-security/reporting-plugin-security-issues/)
 *  Plugin Author [Tobias Bäthge](https://wordpress.org/support/users/tobiasbg/)
 * (@tobiasbg)
 * [3 years, 7 months ago](https://wordpress.org/support/topic/vulnerability-found-6/#post-16060692)
 * Hi [@itsjeffersonli](https://wordpress.org/support/users/itsjeffersonli/),
 * thanks for your post. Please send me an email to tobias at tablepress dot org.
   Thanks!
 * Regards,
    Tobias
 *  [wordmax](https://wordpress.org/support/users/wordmax/)
 * (@wordmax)
 * [3 years, 7 months ago](https://wordpress.org/support/topic/vulnerability-found-6/#post-16063165)
 * Any update on this? Thanks
 *  Plugin Author [Tobias Bäthge](https://wordpress.org/support/users/tobiasbg/)
 * (@tobiasbg)
 * [3 years, 7 months ago](https://wordpress.org/support/topic/vulnerability-found-6/#post-16064565)
 * Hi,
 * as an update for everybody:
    After reviewing this, it turned out to be a case
   of [https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/#why-are-some-users-allowed-to-post-unfiltered-html](https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/#why-are-some-users-allowed-to-post-unfiltered-html)
   Admin users are allowed to add arbitrary HTML code to table cells as well, just
   as they can add it to a normal post or page, due to the `unfiltered_html` capability.
   Thus, there’s no security issue here in TablePress.
 * Still, thanks to itsjeffersonli for looking into this and for getting in touch!
 * Regards,
    Tobias

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Vulnerability Found’ is closed to new replies.

 * ![](https://ps.w.org/tablepress/assets/icon.svg?rev=3192944)
 * [TablePress - Tables in WordPress made easy](https://wordpress.org/plugins/tablepress/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/tablepress/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/tablepress/)
 * [Active Topics](https://wordpress.org/support/plugin/tablepress/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/tablepress/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/tablepress/reviews/)

 * 5 replies
 * 4 participants
 * Last reply from: [Tobias Bäthge](https://wordpress.org/support/users/tobiasbg/)
 * Last activity: [3 years, 7 months ago](https://wordpress.org/support/topic/vulnerability-found-6/#post-16064565)
 * Status: resolved