33 matches found
CVE-2025-12324
The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's table shortcode attributes in all versions up to, and including, 3.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...
CVE-2025-12324 TablePress – Tables in WordPress made easy <= 3.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's table shortcode attributes in all versions up to, and including, 3.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...
PT-2025-44915
Name of the Vulnerable Software and Affected Versions TablePress versions up to and including 3.2.3 Description The TablePress plugin for WordPress is susceptible to Stored Cross-Site Scripting through the table shortcode attributes. Insufficient input sanitization and output escaping on...
EUVD-2019-10734
Malware in sbrugna...
EUVD-2025-26403
Malicious code in bioql PyPI...
EUVD-2024-50046
Malicious code in bioql PyPI...
EUVD-2024-21272
Malicious code in bioql PyPI...
EUVD-2024-43990
Malicious code in bioql PyPI...
EUVD-2025-28378
Malicious code in bioql PyPI...
CVE-2025-5096
The TablePress plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the 'data-caption', 'data-s-content-padding', 'data-s-title', and 'data-footer' data-attributes in all versions up to, and including, 3.1.2 due to insufficient input sanitization and output escaping. Th...
CVE-2024-9595
The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the table cell content in all versions up to, and including, 2.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
CVE-2025-5096
The TablePress plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the 'data-caption', 'data-s-content-padding', 'data-s-title', and 'data-footer' data-attributes in all versions up to, and including, 3.1.2 due to insufficient input sanitization and output escaping. Th...
CVE-2025-5096
The TablePress plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the 'data-caption', 'data-s-content-padding', 'data-s-title', and 'data-footer' data-attributes in all versions up to, and including, 3.1.2 due to insufficient input sanitization and output escaping. Th...
CVE-2025-5096
The CVE-2025-5096 entry describes a DOM-based stored XSS vulnerability in the TablePress WordPress plugin, affecting all versions up to 3.1.2. The issue stems from insufficient input sanitization and output escaping in the data-caption, data-s-content-padding, data-s-title, and data-footer attrib...
PT-2025-22655 · WordPress · Tablepress
Name of the Vulnerable Software and Affected Versions: TablePress plugin for WordPress versions up to, and including, 3.1.2 Description: The issue is related to DOM-Based Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows authenticated attackers wi...
WordPress TablePress plugin <= 3.1.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Multiple Parameters vulnerability
Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting via Multiple Parameters vulnerability discovered by Asaf Mozes in WordPress Plugin TablePress versions = 3.1.2...
CVE-2019-20180
The TablePress plugin 1.9.2 for WordPress allows tablepressdata CSV injection by Editor users. Note: The vendor disputes this issue and argues that this responsibility lies with the application that opens the CSV file and not TablePress...
CVE-2025-2685
The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘table-name’ parameter in all versions up to, and including, 3.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...
CVE-2025-2685
The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘table-name’ parameter in all versions up to, and including, 3.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...
CVE-2025-2685
The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘table-name’ parameter in all versions up to, and including, 3.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...