CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

150 matches found

CVE•added 2024/11/09 12:7 p.m.•53 views

CVE-2024-51710

CVE-2024-51710 affects Minerva Infotech’s Responsive Data Table (WordPress plugin). It is a Reflected XSS vulnerability caused by improper input neutralization during web page generation, with CVSS v3.1 base score 7.1 (HIGH). Impact is listed as LOW for confidentiality, integrity, and availabilit...

7.1CVSS7.2AI score0.00259EPSS

Exploits0References1

Positive Technologies•added 2024/11/09 12:0 a.m.•2 views

PT-2024-34857 · Minerva Infotech · Minerva Infotech Responsive Data Table

Name of the Vulnerable Software and Affected Versions: Minerva Infotech Responsive Data Table versions 1.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS attacks...

7.1CVSS5.8AI score0.00259EPSS

Exploits0References4

CNNVD•added 2024/11/09 12:0 a.m.•4 views

WordPress plugin Responsive Data Table 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS7.7AI score0.00259EPSS

Exploits0References1

Patchstack•added 2024/11/04 9:8 a.m.•3 views

WordPress Responsive Data Table plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Responsive Data Table versions = 1.3...

7.1CVSS6.1AI score0.00259EPSS

Exploits0Affected Software1

Patchstack•added 2024/11/04 12:0 a.m.•13 views

WordPress Responsive Data Table Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)

Software Responsive Data Table Type Plugin Vulnerable versions = 1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51710 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 929bb6af39fb Credits João Pedro S Alcântara Kinorth...

7.1CVSS6.9AI score0.00259EPSS

Exploits0References1Affected Software1

OSV•added 2024/10/12 10:15 a.m.•3 views

CVE-2024-8902

The Elementor Addon Elements plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.13.8 via the rendercolumn function in modules/data-table/widgets/data-table.php. This makes it possible for authenticated attackers, with Contributor-level...

4.3CVSS5.8AI score0.00368EPSS

Exploits0References2

Positive Technologies•added 2024/10/12 12:0 a.m.•2 views

PT-2024-39309 · WordPress · Elementor Addon Elements

Name of the Vulnerable Software and Affected Versions: Elementor Addon Elements plugin for WordPress versions up to, and including, 1.13.8 Description: The issue allows authenticated attackers with Contributor-level access and above to extract sensitive private, pending, and draft template data v...

4.3CVSS6.5AI score0.00368EPSS

Exploits0References7

NVD•added 2024/09/10 4:15 a.m.•10 views

CVE-2024-44112

Due to missing authorization check in SAP for Oil & Gas Transportation and Distribution, an attacker authenticated as a non-administrative user could call a remote-enabled function which will allow them to delete non-sensitive entries in a user data table. There is no effect on confidentiality or...

4.3CVSS0.0025EPSS

Exploits0References2

Vulnrichment•added 2024/09/10 4:3 a.m.•11 views

CVE-2024-44112 Missing Authorization check in SAP for Oil & Gas (Transportation and Distribution)

4.3CVSS7AI score0.0025EPSS

Exploits0References2

WPVulnDB•added 2024/06/05 12:0 a.m.•14 views

Ninja Tables – Easiest Data Table Builder < 5.0.10 - Authenticated (Admin+) Server-Side Request Forgery

Description The Ninja Tables – Easiest Data Table Builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.9. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary...

4.9CVSS9.2AI score0.00243EPSS

Exploits0References1Affected Software1

WPVulnDB•added 2024/05/31 12:0 a.m.•21 views

wpDataTables - Tables & Table Charts (Premium) < 6.4 - Missing Authorization to DataTable Access & Modification

Description The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the wdtajaxactions.php file in all versions up to, and including, 6.3.2. This makes it...

7.3CVSS6.6AI score0.00325EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/05/23 2:33 a.m.•16 views

CVE-2024-4895 wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin <= 3.4.2.12 - Unauthenticated Stored Cross-Site Scripting via CSV Import

The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the CSV import functionality in all versions up to, and including, 3.4.2.12 due to insufficient input sanitization and output escaping. This makes it...

4.7CVSS6.1AI score0.00374EPSS

Exploits0References3

OSV•added 2024/05/14 3:43 p.m.•4 views

CVE-2024-4448

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'Dual Color Header', 'Event Calendar', & 'Advanced Data Table' widgets in all versions up to, and including, 5.9.1...

6.1CVSS6AI score0.00508EPSS

Exploits0References4

Vulnrichment•added 2024/05/10 7:33 a.m.•14 views

CVE-2024-4448 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Dual Color Header', 'Event Calendar', & 'Advanced Data Table'

6.4CVSS5.8AI score0.00508EPSS

Exploits0References4

Positive Technologies•added 2024/03/27 12:0 a.m.•4 views

PT-2024-4019 · Ivanti · Ivanti Endpoint Manager

Name of the Vulnerable Software and Affected Versions: Ivanti Endpoint Manager versions prior to 2022 SU5 Description: The issue is related to a SQL Injection vulnerability in the GetVulnerabilitiesDataTable method of Ivanti Endpoint Manager, due to a lack of protection for the SQL query structur...

9CVSS8.7AI score0.08484EPSS

Exploits0References8

OSV•added 2024/03/13 4:15 p.m.•3 views

CVE-2024-1537

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Data Table widget in all versions up to, and including, 5.9.9 due to insufficient input sanitization and output...

6.4CVSS7.4AI score0.00421EPSS

Exploits0References2

NVD•added 2024/03/13 4:15 p.m.•9 views

CVE-2024-1537

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Data Table widget in all versions up to, and including, 5.9.9 due to insufficient input sanitization and output...

6.4CVSS5.7AI score0.00421EPSS

Exploits0References2

Cvelist•added 2024/03/13 3:26 p.m.•23 views

CVE-2024-1537 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Data Table

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Data Table widget in all versions up to, and including, 5.9.9 due to insufficient input sanitization and output...

6.4CVSS5.8AI score0.00421EPSS

Exploits0References2

Vulnrichment•added 2024/03/13 3:26 p.m.•13 views

CVE-2024-1537 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Data Table

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Data Table widget in all versions up to, and including, 5.9.9 due to insufficient input sanitization and output...

6.4CVSS7AI score0.00421EPSS

Exploits0References2

Vulnrichment•added 2024/03/13 3:26 p.m.•15 views

CVE-2024-0591 wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin <= 3.4.2.2 - Reflected Cross-Site Scripting.

The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'A' parameter in all versions up to, and including, 3.4.2.2 due to insufficient input sanitization and output escaping. This makes it possible...

6.1CVSS7AI score0.0061EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by