2 matches found
CVE-2021-24200 wpDataTables < 3.4.2 - Blind SQL Injection via length Parameter
The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=getwdtable&tableid=1, on the 'length' HTTP POST parameter...
CVE-2021-24200
The CVE-2021-24200 vulnerability affects the wpDataTables – Tables & Table Charts premium WordPress plugin prior to version 3.4.2. A low-privilege authenticated user can trigger a Boolean-based blind SQL Injection on the table list page via /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, ...