CVE-2025-12483

The vulnerability CVE-2025-12483 affects the Visualizer: Tables and Charts Manager for WordPress plugin. It is an authenticated SQL Injection via the query parameter in all versions up to 3.11.12, due to insufficient escaping and query preparation, enabling attackers with Contributor-level access...

WordPress Visualizer Plugin <= 3.10.15 is vulnerable to SQL Injection

Software Visualizer Type Plugin Vulnerable versions = 3.10.15 Fixed in 3.11.0 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-3750 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 6418115de830 Credits Krzysztof Zając Required privilege Subscriber...

WordPress Visualizer Plugin <= 3.10.5 is vulnerable to Cross Site Scripting (XSS)

Software Visualizer Type Plugin Vulnerable versions = 3.10.5 Fixed in 3.10.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-27958 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID c3450277a0c7 Credits stealthcopter Required privilege...

WordPress Visualizer Plugin <= 3.9.4 is vulnerable to Cross Site Scripting (XSS)

Software Visualizer Type Plugin Vulnerable versions = 3.9.4 Fixed in 3.9.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23708 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d0daddcc471b Credits Rafshanzani Suhada Required...

WordPress Visualizer Plugin <= 3.9.1 is vulnerable to Cross Site Scripting (XSS)

Software Visualizer Type Plugin Vulnerable versions = 3.9.1 Fixed in 3.9.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-46848 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5d57cada7c6d Credits Muhammad Daffa Required...