91 matches found
CVE-2022-47602
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in JoomUnited WP Table Manager plugin = 3.5.2 versions...
CVE-2022-46852
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WP Table Builder plugin = 1.4.6 versions...
CVE-2022-4491
The WP-Table Reloaded WordPress plugin through 1.9.4 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high...
CVE-2022-47601
Missing Authorization vulnerability in JoomUnited WP Table Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Table Manager: from n/a through 3.5.2...
CVE-2025-32598
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Table Builder WP Table Builder wp-table-builder allows Reflected XSS.This issue affects WP Table Builder: from n/a through = 2.0.5...
CVE-2025-32598
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Table Builder WP Table Builder wp-table-builder allows Reflected XSS.This issue affects WP Table Builder: from n/a through = 2.0.5...
CVE-2025-32598
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Table Builder WP Table Builder allows Reflected XSS. This issue affects WP Table Builder: from n/a through 2.0.4...
CVE-2025-32598
CVE-2025-32598 is a Reflected XSS vulnerability in the WordPress plugin WP Table Builder. Affected: WP Table Builder <= 2.0.4 (per initial entry); related Wordfence entry shows a patch in 2.0.5 (and later). Exploitation would involve input that is reflected in the generated web page. Remediati...
CVE-2025-32598 WordPress WP Table Builder plugin <= 2.0.5 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Table Builder WP Table Builder wp-table-builder allows Reflected XSS.This issue affects WP Table Builder: from n/a through = 2.0.5...
PT-2025-16079 · WordPress · Wp Table Builder
Name of the Vulnerable Software and Affected Versions: WP Table Builder versions 2.0.4 and earlier Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting. This allows for Reflected XSS. Recommendations: For WP Table...
WordPress WP Table Builder plugin <= 2.0.5 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin WP Table Builder versions = 2.0.5...
CVE-2024-13374
The WP Table Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on thewptmgetFolders AJAX action in all versions up to, and including, 4.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read...
CVE-2024-13374 WP Table Manager <= 4.1.3 - Missing Authorization to Authenticated (Subscriber+) Directory Traversal to Folder/File Name Disclosure
The WP Table Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on thewptmgetFolders AJAX action in all versions up to, and including, 4.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read...
CVE-2024-13374
Summary (CVE-2024-13374) The WordPress plugin WP Table Manager is affected up to version 4.1.3 . The vulnerability stems from a missing capability check in the AJAX action thewptm_getFolders , allowing authenticated attackers with Subscriber-level access or higher to read arbitrary file names and...
CVE-2024-13374 WP Table Manager <= 4.1.3 - Missing Authorization to Authenticated (Subscriber+) Directory Traversal to Folder/File Name Disclosure
The WP Table Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on thewptmgetFolders AJAX action in all versions up to, and including, 4.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read...
CVE-2022-47601
Missing Authorization vulnerability in JoomUnited WP Table Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Table Manager: from n/a through 3.5.2...
WordPress WP Table Builder plugin < 1.6.0 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin WP Table Builder versions 1.6.0...
CVE-2024-3282
The WP Table Builder WordPress plugin through 1.5.0 does not sanitise and escape some of its Table data, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-3282 WP Table Builder <= 1.5.0 - Admin+ Stored XSS
The WP Table Builder WordPress plugin through 1.5.0 does not sanitise and escape some of its Table data, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
PT-2024-24894 · WordPress · Wp Table Builder
Name of the Vulnerable Software and Affected Versions: WP Table Builder WordPress plugin versions 1.5.0 and earlier Description: The issue concerns the WP Table Builder WordPress plugin, which does not properly sanitise and escape some of its table data. This could allow high-privilege users, suc...