Lucene search
K

186 matches found

NVD
NVD
added 2021/04/12 2:15 p.m.19 views

CVE-2021-24197

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to access the data of another user that are present in the same table by takin...

8.1CVSS0.01237EPSS
Exploits0References3
OSV
OSV
added 2021/04/12 2:15 p.m.7 views

CVE-2021-24197

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to access the data of another user that are present in the same table by takin...

8.1CVSS5.8AI score0.01237EPSS
Exploits0References3
NVD
NVD
added 2021/04/12 2:15 p.m.20 views

CVE-2021-24199

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=getwdtable&tableid=1, on the 'start' HTTP POST parameter. Th...

6.5CVSS0.01341EPSS
Exploits0References3
NVD
NVD
added 2021/04/12 2:15 p.m.27 views

CVE-2021-24198

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to delete the data of another user that are present in the same table through...

8.1CVSS0.0147EPSS
Exploits0References3
Prion
Prion
added 2021/04/12 2:15 p.m.20 views

Sql injection

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=getwdtable&tableid=1, on the 'length' HTTP POST parameter...

4CVSS6.8AI score0.01341EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2021/04/12 2:15 p.m.16 views

Improper access control

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to access the data of another user that are present in the same table by takin...

5.5CVSS7.9AI score0.01237EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2021/04/12 2:15 p.m.17 views

Improper access control

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to delete the data of another user that are present in the same table through...

5.5CVSS7.9AI score0.0147EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2021/04/12 1:59 p.m.20 views

CVE-2021-24200 wpDataTables < 3.4.2 - Blind SQL Injection via length Parameter

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=getwdtable&tableid=1, on the 'length' HTTP POST parameter...

7.1AI score0.01341EPSS
Exploits0References3
CVE
CVE
added 2021/04/12 1:59 p.m.42 views

CVE-2021-24200

The CVE-2021-24200 vulnerability affects the wpDataTables – Tables & Table Charts premium WordPress plugin prior to version 3.4.2. A low-privilege authenticated user can trigger a Boolean-based blind SQL Injection on the table list page via /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, ...

6.5CVSS6.8AI score0.01341EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2021/04/12 1:59 p.m.18 views

CVE-2021-24199 wpDataTables < 3.4.2 - Blind SQL Injection via start Parameter

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=getwdtable&tableid=1, on the 'start' HTTP POST parameter. Th...

7.1AI score0.01341EPSS
Exploits0References3
CVE
CVE
added 2021/04/12 1:59 p.m.42 views

CVE-2021-24199

CVE-2021-24199 affects the wpDataTables – Tables & Table Charts premium WordPress plugin (versions before 3.4.2). The vulnerability is a Boolean-based blind SQL Injection in the table list page, exploitable via the POST parameter start on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&t...

6.5CVSS6.8AI score0.01341EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2021/04/12 1:58 p.m.37 views

CVE-2021-24198 wpDataTables < 3.4.2 - Improper Access Control leading to Table Data Deletion

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to delete the data of another user that are present in the same table through...

8.2AI score0.0147EPSS
Exploits0References3
CVE
CVE
added 2021/04/12 1:58 p.m.57 views

CVE-2021-24198

The CVE concerns wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2, with Improper Access Control . A low-privilege authenticated user, on the page where a table is published, can tamper with parameters (id_key, id_val) to delete data belonging to other users in the same t...

8.1CVSS8AI score0.0147EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2021/04/12 1:58 p.m.46 views

CVE-2021-24197

The CVE concerns wpDataTables – Tables & Table Charts premium WordPress plugin, version prior to 3.4.2. The vulnerability is Improper Access Control: a low-privileged authenticated user visiting a published table page can tamper with request parameters (formdata[wdt_ID]) to assume table permissio...

8.1CVSS8AI score0.01237EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2021/04/12 1:58 p.m.26 views

CVE-2021-24197 wpDataTables < 3.4.2 - Improper Access Control leading to Table Permission Takeover

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to access the data of another user that are present in the same table by takin...

8.2AI score0.01237EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/04/12 12:0 a.m.7 views

WordPress plugin WpDataTables – Tables & Table Charts premium 安全漏洞

WordPress is a blogging platform developed by the WordPress Wordpress Foundation using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. wpDataTables is used in one of the chart management plugin . WordPress plugin WpDataTables - Tables & Table Charts...

8.1CVSS5.7AI score0.01237EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/04/12 12:0 a.m.7 views

WordPress和Sprymedia DataTables SQL注入漏洞

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL.Sprymedia DataTables is a JavaScript library for converting HTML tables to dynamic tables from the UK company...

6.5CVSS6AI score0.01341EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/04/12 12:0 a.m.5 views

WordPress SQL注入漏洞

WordPress is a blogging platform developed by the WordPress Wordpress Foundation using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. wpDataTables is used in one of the chart management plugin . WordPress plugin WpDataTables-Tables & Table Charts...

6.5CVSS5.9AI score0.01341EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/04/12 12:0 a.m.7 views

WordPress plugin WpDataTables – Tables & Table Charts premium 安全漏洞

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL.Sprymedia DataTables is a JavaScript library for converting HTML tables to dynamic tables from the UK company...

8.1CVSS5.7AI score0.0147EPSS
Exploits0References4
WPVulnDB
WPVulnDB
added 2021/03/16 12:0 a.m.19 views

wpDataTables < 3.4.2 - Blind SQL Injection via length Parameter

The plugin allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=getwdtableid=1, on the 'length' HTTP POST parameter. This allows an attacker to access all the data in the database and obtain...

4CVSS2.6AI score0.01341EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder