3 matches found
CVE-2024-12772
The Ninja Tables WordPress plugin before 5.0.17 does not sanitize and escape a parameter before outputting it back in the page when importing a CSV, leading to a Cross Site Scripting vulnerability...
CVE-2024-12772
creationtimestamp| type| source ---|---|--- 2025-01-31 06:04:12+00:00| seen| https://infosec.exchange/users/cve/statuses/113921455048136997 2025-01-31 06:15:49+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgzdwoiofc2p 2025-01-31 08:15:16+00:00| seen|...
CVE-2024-12772
CVE-2024-12772 affects Ninja Tables – Easy Data Table Builder for WordPress. Multiple sources confirm a stored Cross-Site Scripting (XSS) vulnerability in Ninja Tables prior to version 5.0.17, triggered when outputting unsanitized CSV-import data back to the page. Root cause: inputs are not prope...