WordPress WP jQuery DataTable plugin <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin WP jQuery DataTable versions = 4.0.1...

EUVD-2024-50910

Malicious code in bioql PyPI...

CVE-2024-13566

The WP DataTable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 0.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...

CVE-2024-13566 WP DataTable <= 0.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter

The WP DataTable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 0.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...

CVE-2024-56287

CVE-2024-56287 is a stored XSS vulnerability in the WP jQuery DataTable WordPress plugin (biztechc WP jQuery DataTable). The CVE details from connected sources indicate the issue affects the plugin up to version 4.0.1 and can be triggered by an authenticated attacker via standard web input, with ...

PT-2025-3250 · WordPress · Wp Jquery Datatable

Name of the Vulnerable Software and Affected Versions: WP jQuery DataTable versions n/a through 4.0.1 Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows Stored XSS. This means an attacker can inject...