4 matches found
CVE-2024-12499
The WP jQuery DataTable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpjdt' shortcode in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-12499
creationtimestamp| type| source ---|---|--- 2025-01-07 07:01:28+00:00| seen| https://infosec.exchange/users/cve/statuses/113785784728547244 2025-01-07 07:16:03+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf544chwca25 2025-01-07 07:16:03+00:00| seen|...
CVE-2024-12499 WP jQuery DataTable <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The WP jQuery DataTable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpjdt' shortcode in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-12499
CVE-2024-12499 affects the WordPress WP jQuery DataTable plugin. It is a Stored Cross-Site Scripting vulnerability exploitable by authenticated attackers (contributor level and above) via the plugin shortcode wp_jdt, in all versions up to and including 4.0.1. Public docs confirm the issue and ind...