186 matches found
EUVD-2024-44463
Malicious code in bioql PyPI...
EUVD-2024-16384
Malicious code in bioql PyPI...
EUVD-2022-33770
Malicious code in bioql PyPI...
CVE-2024-0591
The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'A' parameter in all versions up to, and including, 3.4.2.2 due to insufficient input sanitization and output escaping. This makes it possible...
CVE-2024-4895
The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the CSV import functionality in all versions up to, and including, 3.4.2.12 due to insufficient input sanitization and output escaping. This makes it...
CVE-2023-23876
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in TMS-Plugins wpDataTables plugin <= 2.1.49 versions...
CVE-2021-24200
The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=getwdtableid=1, on the 'length' HTTP POST parameter. This...
CVE-2021-24198
The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to delete the data of another user that are present in the same table through...
CVE-2021-24199
The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=getwdtableid=1, on the 'start' HTTP POST parameter. This...
CVE-2021-24197
The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to access the data of another user that are present in the same table by takin...
CVE-2021-26754
wpDataTables before 3.4.1 mishandles order direction for server-side tables, aka admin-ajax.php?action=getwdtable order0dir SQL injection...
CVE-2019-6011
Cross-site scripting vulnerability in wpDataTables Lite Version 2.0.11 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2019-6012
SQL injection vulnerability in the wpDataTables Lite Version 2.0.11 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2024-3820
The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to SQL Injection via the 'idkey' parameter of the wdtdeletetablerow AJAX action in all versions up to, and including, 6.3.1 due to insufficient escaping on the user supplied parameter...
CVE-2024-3821
The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the wdtajaxactions.php file in all versions up to, and including, 6.3.2. This makes it possible for...
The vulnerability of the wpDataTables plugin (Premium) in the WordPress content management system allows a hacker to execute arbitrary SQL queries.
The vulnerability of the wpDataTables plugin (Premium) in the WordPress content management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries through the idkey parameter in the...
WordPress wpDataTables - Tables & Table Charts (Premium) plugin <= 6.3.2 - Missing Authorization to DataTable Access & Modification vulnerability
WordPress wpDataTables - Tables & Table Charts (Premium) plugin <= 6.3.2 - Missing Authorization to DataTable Access & Modification vulnerability discovered by villu164 in WordPress Plugin wpDataTables versions <= 6.3.2...
WordPress wpDataTables - Tables & Table Charts (Premium) plugin <= 6.3.1 - Unauthenticated SQL Injection vulnerability
WordPress wpDataTables - Tables & Table Charts (Premium) plugin <= 6.3.1 - Unauthenticated SQL Injection vulnerability discovered by villu164 in WordPress Plugin wpDataTables versions <= 6.3.1...
WordPress wpDataTables Plugin <= 6.3.1 is vulnerable to SQL Injection
Software: wpDataTables; Type: Plugin; Vulnerable versions: <= 6.3.1; Fixed in: 6.3.2; OWASP Top 10: A1: Injection; Classification: SQL Injection; CVE: CVE-2024-3820; Patch priority: High; CVSS severity: High 9.3; PSID: 85631b10c84a; Credits: villu164; Required privilege: Unauthenticated; Publish...
WordPress wpDataTables Plugin <= 6.3.2 is vulnerable to Broken Access Control
Software: wpDataTables; Type: Plugin; Vulnerable versions: <= 6.3.2; Fixed in: 6.4; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-3821; Patch priority: High; CVSS severity: High 7.3; PSID: 276b766fb920; Credits: villu164; Required privilege...