67 matches found
CVE-2023-4858 WP Simple Table Manager Plugin <= 1.5.6 - Admin+ Stored Cross-Site Scripting
The Simple Table Manager WordPress plugin through 1.5.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2023-4858
The CVE-2023-4858 entry concerns WP Simple Table Manager (
WordPress Plugin WP Simple Table Manager Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...
PT-2023-30862 · WordPress · Simple Table Manager
Name of the Vulnerable Software and Affected Versions: The Simple Table Manager WordPress plugin versions 1.5.6 and earlier Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, f...
WordPress WP Simple Table Manager Plugin <= 1.5.6 is vulnerable to Cross Site Scripting (XSS)
Software WP Simple Table Manager Type Plugin Vulnerable versions = 1.5.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4858 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 4aaeb214600f Credits niclo Required...
WP Simple Table Manager Plugin <= 1.5.6 - Admin+ Stored Cross-Site Scripting
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. 1. Click Simple Table Manager then...
CVE-2022-47602
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in JoomUnited WP Table Manager plugin = 3.5.2 versions...
CVE-2022-47602
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in JoomUnited WP Table Manager plugin = 3.5.2 versions...
CVE-2022-47602
CVE-2022-47602 affects the WordPress WP Table Manager plugin up to version 3.5.2. The issue is a stored XSS due to insufficient sanitization/escaping of parameters submitted by authenticated users with Contributor+ privileges. Exploitation requires user interaction. The vulnerability’s impact is ...
CVE-2022-47602 WordPress WP Table Manager Plugin <= 3.5.2 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in JoomUnited WP Table Manager plugin = 3.5.2 versions...
PT-2023-15425 · Joomunited · Wp Table Manager
Name of the Vulnerable Software and Affected Versions: JoomUnited WP Table Manager plugin versions prior to 3.5.3 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. This vulnerability can be exploited by contributors or users with higher privileges. There is no...
WordPress Plugin WP Table Manager 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...
WordPress WP Table Manager Plugin <= 3.5.2 is vulnerable to Cross Site Scripting (XSS)
Software WP Table Manager Type Plugin Vulnerable versions = 3.5.2 Fixed in 3.5.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-47602 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 400e13da24ca Credits Cat Required...
WP Table Manager < 3.5.3 - Contributor+ Stored XSS
The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks...
WordPress WP Table Manager Plugin <= 3.5.2 is vulnerable to Broken Access Control
Software WP Table Manager Type Plugin Vulnerable versions = 3.5.2 Fixed in 3.5.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-47601 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID dd961e3e7567 Credits Cat Required privilege...
CVE-2022-38295
Cuppa CMS v1.0 was discovered to contain a cross-site scripting vulnerability at /tablemanager/view/cuusergroups. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Add New Group function...
CVE-2022-38295
Cuppa CMS v1.0 was discovered to contain a cross-site scripting vulnerability at /tablemanager/view/cuusergroups. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Add New Group function...
WordPress plugin WP Table Manager 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
CVE-2022-24266
Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/tablemanager/ via the orderby parameter...
CVE-2022-24264
Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/tablemanager/ via the searchword parameter...