CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

23 matches found

RedhatCVE•added 2026/06/05 7:29 p.m.•9 views

CVE-2026-2306

The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to unauthorized database table creation due to missing authorization checks on the createFluentCartTable function in all versions up to, and including, 5.2.6. This makes it possible for authenticated attackers, with...

4.3CVSS5.6AI score0.00248EPSS

Exploits0References1

Vulnrichment•added 2026/01/06 4:36 p.m.•2 views

CVE-2025-69351 WordPress Ninja Tables plugin <= 5.2.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Shahjahan Jewel Ninja Tables ninja-tables allows Blind SQL Injection.This issue affects Ninja Tables: from n/a through = 5.2.4...

8.5CVSS7.3AI score0.00205EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-11812

Malware in sbrugna...

4.8CVSS5AI score0.00675EPSS

Exploits2References3

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-19379

Malicious code in bioql PyPI...

7.2CVSS6.4AI score0.00277EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-49912

Malicious code in bioql PyPI...

5.9CVSS6.4AI score0.0042EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-48245

Malicious code in bioql PyPI...

6.4CVSS6.5AI score0.00363EPSS

Exploits0References5

CVE•added 2025/06/27 8:23 a.m.•25 views

CVE-2025-2940

CVE-2025-2940 (Ninja Tables – Easy Data Table Builder for WordPress) is a confirmed SSRF vulnerability present in all versions up to 5.0.18, exploitable via the args[url] parameter. An unauthenticated attacker can make web requests from the vulnerable WordPress instance to arbitrary locations, en...

7.2CVSS6.9AI score0.00277EPSS

Exploits0References5Affected Software1

Cvelist•added 2025/06/27 8:23 a.m.•7 views

CVE-2025-2940 Ninja Tables – Easy Data Table Builder <= 5.0.18 - Unauthenticated Server-Side Request Forgery

The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.18 via the argsurl parameter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from th...

7.2CVSS0.00277EPSS

Exploits0References5

RedhatCVE•added 2025/06/05 3:4 a.m.•29 views

CVE-2025-2939

The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.0.18 via deserialization of untrusted input from the argscallback parameter . This makes it possible for unauthenticated attackers to inject a PHP Object...

5.6CVSS7.9AI score0.00462EPSS

Exploits0References1

NVD•added 2025/06/03 3:15 a.m.•9 views

CVE-2025-2939

5.6CVSS0.00462EPSS

Exploits0References4

CVE•added 2025/06/03 2:27 a.m.•76 views

CVE-2025-2939

The CVE describes a PHP Object Injection in the WordPress plugin Ninja Tables – Easy Data Table Builder (versions up to and including 5.0.18). The vulnerability arises from deserialization of untrusted input via the args[callback] parameter, enabling unauthenticated attackers to inject a PHP Obje...

5.6CVSS6.2AI score0.00462EPSS

Exploits0References4Affected Software1

Patchstack•added 2025/06/02 8:1 p.m.•6 views

WordPress Ninja Tables – Easy Data Table Builder plugin <= 5.0.18 - Unauthenticated PHP Object Injection to Limited Remote Code Execution vulnerability

Unauthenticated PHP Object Injection to Limited Remote Code Execution vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Ninja Tables versions = 5.0.18...

5.6CVSS7.4AI score0.00462EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2025/05/23 7:10 a.m.•9 views

CVE-2024-12772

The Ninja Tables WordPress plugin before 5.0.17 does not sanitize and escape a parameter before outputting it back in the page when importing a CSV, leading to a Cross Site Scripting vulnerability...

6.1CVSS6.2AI score0.00307EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 9:45 p.m.•8 views

CVE-2022-47137

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPManageNinja LLC Ninja Tables plugin = 4.3.4 versions...

5.9CVSS5.6AI score0.0042EPSS

Exploits0

OSV•added 2025/01/31 6:15 a.m.•2 views

CVE-2024-12772

The Ninja Tables WordPress plugin before 5.0.17 does not sanitize and escape a parameter before outputting it back in the page when importing a CSV, leading to a Cross Site Scripting vulnerability...

5.4CVSS7.3AI score0.00307EPSS

Exploits1References1

OSV•added 2024/08/27 7:15 a.m.•3 views

CVE-2024-7304

The Ninja Tables – Easiest Data Table Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.0.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

5.4CVSS5.9AI score0.00363EPSS

Exploits0References5

CNNVD•added 2023/05/25 12:0 a.m.•3 views

WordPress plugin Ninja Tables – Best Data Table 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

8.8CVSS8.2AI score0.00271EPSS

Exploits0References2

OSV•added 2023/05/10 11:15 a.m.•2 views

CVE-2022-47137

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPManageNinja LLC Ninja Tables plugin = 4.3.4 versions...

4.8CVSS5.8AI score0.0042EPSS

Exploits0References1

NVD•added 2023/05/10 11:15 a.m.•14 views

CVE-2022-47137

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPManageNinja LLC Ninja Tables plugin = 4.3.4 versions...

5.9CVSS5.4AI score0.0042EPSS

Exploits0References1