Lucene search
K

91 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:54 a.m.9 views

CVE-2022-47602

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in JoomUnited WP Table Manager plugin = 3.5.2 versions...

6.5CVSS5.6AI score0.00417EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:49 a.m.9 views

CVE-2022-46852

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WP Table Builder plugin = 1.4.6 versions...

5.9CVSS5.6AI score0.00396EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:23 a.m.7 views

CVE-2022-4491

The WP-Table Reloaded WordPress plugin through 1.9.4 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high...

5.4CVSS6AI score0.00471EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:2 p.m.8 views

CVE-2022-47601

Missing Authorization vulnerability in JoomUnited WP Table Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Table Manager: from n/a through 3.5.2...

5.3CVSS5.1AI score0.004EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/13 9:5 a.m.20 views

CVE-2025-32598

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Table Builder WP Table Builder wp-table-builder allows Reflected XSS.This issue affects WP Table Builder: from n/a through = 2.0.5...

7.1CVSS7.2AI score0.00336EPSS
Exploits0References1
NVD
NVD
added 2025/04/11 9:15 a.m.24 views

CVE-2025-32598

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Table Builder WP Table Builder wp-table-builder allows Reflected XSS.This issue affects WP Table Builder: from n/a through = 2.0.5...

7.1CVSS0.00336EPSS
Exploits0References1
OSV
OSV
added 2025/04/11 9:15 a.m.5 views

CVE-2025-32598

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Table Builder WP Table Builder allows Reflected XSS. This issue affects WP Table Builder: from n/a through 2.0.4...

6.1CVSS5.8AI score0.00336EPSS
Exploits0References1
CVE
CVE
added 2025/04/11 8:42 a.m.63 views

CVE-2025-32598

CVE-2025-32598 is a Reflected XSS vulnerability in the WordPress plugin WP Table Builder. Affected: WP Table Builder <= 2.0.4 (per initial entry); related Wordfence entry shows a patch in 2.0.5 (and later). Exploitation would involve input that is reflected in the generated web page. Remediati...

7.1CVSS7.2AI score0.00336EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/04/11 8:42 a.m.35 views

CVE-2025-32598 WordPress WP Table Builder plugin <= 2.0.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Table Builder WP Table Builder wp-table-builder allows Reflected XSS.This issue affects WP Table Builder: from n/a through = 2.0.5...

7.1CVSS0.00336EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/11 12:0 a.m.5 views

PT-2025-16079 · WordPress · Wp Table Builder

Name of the Vulnerable Software and Affected Versions: WP Table Builder versions 2.0.4 and earlier Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting. This allows for Reflected XSS. Recommendations: For WP Table...

7.1CVSS7.3AI score0.00336EPSS
Exploits0References8
Patchstack
Patchstack
added 2025/04/09 4:39 p.m.8 views

WordPress WP Table Builder plugin <= 2.0.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin WP Table Builder versions = 2.0.5...

7.1CVSS6.9AI score0.00336EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/02/12 6:15 a.m.16 views

CVE-2024-13374

The WP Table Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on thewptmgetFolders AJAX action in all versions up to, and including, 4.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read...

6.5CVSS0.00297EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/02/12 5:28 a.m.9 views

CVE-2024-13374 WP Table Manager <= 4.1.3 - Missing Authorization to Authenticated (Subscriber+) Directory Traversal to Folder/File Name Disclosure

The WP Table Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on thewptmgetFolders AJAX action in all versions up to, and including, 4.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read...

4.3CVSS4.4AI score0.00297EPSS
Exploits0References2
CVE
CVE
added 2025/02/12 5:28 a.m.67 views

CVE-2024-13374

Summary (CVE-2024-13374) The WordPress plugin WP Table Manager is affected up to version 4.1.3 . The vulnerability stems from a missing capability check in the AJAX action thewptm_getFolders , allowing authenticated attackers with Subscriber-level access or higher to read arbitrary file names and...

6.5CVSS4.3AI score0.00297EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/02/12 5:28 a.m.30 views

CVE-2024-13374 WP Table Manager <= 4.1.3 - Missing Authorization to Authenticated (Subscriber+) Directory Traversal to Folder/File Name Disclosure

The WP Table Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on thewptmgetFolders AJAX action in all versions up to, and including, 4.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read...

4.3CVSS0.00297EPSS
Exploits0References2
NVD
NVD
added 2025/01/02 4:15 p.m.15 views

CVE-2022-47601

Missing Authorization vulnerability in JoomUnited WP Table Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Table Manager: from n/a through 3.5.2...

5.3CVSS0.004EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/08/23 6:54 a.m.5 views

WordPress WP Table Builder plugin < 1.6.0 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin WP Table Builder versions 1.6.0...

4.8CVSS6.1AI score0.00294EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2024/08/23 6:15 a.m.21 views

CVE-2024-3282

The WP Table Builder WordPress plugin through 1.5.0 does not sanitise and escape some of its Table data, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS0.00294EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/08/23 6:0 a.m.12 views

CVE-2024-3282 WP Table Builder <= 1.5.0 - Admin+ Stored XSS

The WP Table Builder WordPress plugin through 1.5.0 does not sanitise and escape some of its Table data, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.7AI score0.00294EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/08/22 12:0 a.m.3 views

PT-2024-24894 · WordPress · Wp Table Builder

Name of the Vulnerable Software and Affected Versions: WP Table Builder WordPress plugin versions 1.5.0 and earlier Description: The issue concerns the WP Table Builder WordPress plugin, which does not properly sanitise and escape some of its table data. This could allow high-privilege users, suc...

4.8CVSS5.6AI score0.00294EPSS
Exploits1References9
Rows per page
Query Builder