Lucene search
K

186 matches found

Vulnrichment
Vulnrichment
added 2024/06/01 8:38 a.m.19 views

CVE-2024-3820 wpDataTables - Tables & Table Charts (Premium) <= 6.3.1 - Unauthenticated SQL Injection

The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to SQL Injection via the 'idkey' parameter of the wdtdeletetablerow AJAX action in all versions up to, and including, 6.3.1 due to insufficient escaping on the user supplied parameter...

10CVSS7.5AI score0.00657EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/06/01 8:38 a.m.18 views

CVE-2024-3821 wpDataTables - Tables & Table Charts (Premium) <= 6.3.2 - Missing Authorization to DataTable Access & Modification

The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the wdtajaxactions.php file in all versions up to, and including, 6.3.2. This makes it possible for...

7.3CVSS6.7AI score0.00325EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/01 8:38 a.m.27 views

CVE-2024-3821 wpDataTables - Tables & Table Charts (Premium) <= 6.3.2 - Missing Authorization to DataTable Access & Modification

The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the wdtajaxactions.php file in all versions up to, and including, 6.3.2. This makes it possible for...

7.3CVSS7.2AI score0.00325EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2024/05/31 12:0 a.m.21 views

wpDataTables - Tables & Table Charts (Premium) < 6.4 - Missing Authorization to DataTable Access & Modification

Description The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the wdtajaxactions.php file in all versions up to, and including, 6.3.2. This makes it...

7.3CVSS6.6AI score0.00325EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/31 12:0 a.m.17 views

wpDataTables - Tables & Table Charts (Premium) < 6.3.2 - Unauthenticated SQL Injection

Description The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to SQL Injection via the 'idkey' parameter of the wdtdeletetablerow AJAX action in all versions up to, and including, 6.3.1 due to insufficient escaping on the user supplie...

10CVSS7.4AI score0.00657EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/05/23 9:49 a.m.5 views

WordPress wpDataTables plugin <= 3.4.2.12 - Unauthenticated Stored Cross-Site Scripting via CSV Import vulnerability

Unauthenticated Stored Cross-Site Scripting via CSV Import vulnerability discovered by Tim Coen in WordPress Plugin wpDataTables versions = 3.4.2.12...

4.7CVSS5.8AI score0.00374EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/05/23 3:15 a.m.19 views

CVE-2024-4895

The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the CSV import functionality in all versions up to, and including, 3.4.2.12 due to insufficient input sanitization and output escaping. This makes it...

4.7CVSS4.8AI score0.00374EPSS
Exploits0References3
CVE
CVE
added 2024/05/23 2:33 a.m.61 views

CVE-2024-4895

CVE-2024-4895 affects the WordPress plugin WPDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin up to version 3.4.2.12. It is a Stored Cross-Site Scripting vulnerability via the CSV import functionality, allowing unauthenticated attackers to inject scripts that execute when u...

4.7CVSS4.8AI score0.00374EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/05/23 12:0 a.m.11 views

WordPress wpDataTables Plugin <= 3.4.2.12 is vulnerable to Cross Site Scripting (XSS)

Software wpDataTables Type Plugin Vulnerable versions = 3.4.2.12 Fixed in 3.4.2.14 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4895 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 468050b27d74 Credits Tim Coen Requir...

4.7CVSS5.6AI score0.00374EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/05/23 12:0 a.m.5 views

WordPress plugin wpDataTables 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

4.7CVSS5.8AI score0.00374EPSS
Exploits0References4
WPVulnDB
WPVulnDB
added 2024/05/22 12:0 a.m.16 views

wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin < 3.4.2.14 - Unauthenticated Stored Cross-Site Scripting via CSV Import

Description The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the CSV import functionality in all versions up to, and including, 3.4.2.12 due to insufficient input sanitization and output escaping...

4.7CVSS6AI score0.00374EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/03/13 4:15 p.m.4 views

CVE-2024-0591

The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'A' parameter in all versions up to, and including, 3.4.2.2 due to insufficient input sanitization and output escaping. This makes it possible...

6.1CVSS5.9AI score0.0061EPSS
Exploits0References4
NVD
NVD
added 2024/03/13 4:15 p.m.24 views

CVE-2024-0591

The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'A' parameter in all versions up to, and including, 3.4.2.2 due to insufficient input sanitization and output escaping. This makes it possible...

6.1CVSS6AI score0.0061EPSS
Exploits0References4
Prion
Prion
added 2024/03/13 4:15 p.m.20 views

Cross site scripting

The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'A' parameter in all versions up to, and including, 3.4.2.2 due to insufficient input sanitization and output escaping. This makes it possible...

5.8CVSS6.5AI score0.0061EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/03/13 3:26 p.m.32 views

CVE-2024-0591 wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin <= 3.4.2.2 - Reflected Cross-Site Scripting.

The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'A' parameter in all versions up to, and including, 3.4.2.2 due to insufficient input sanitization and output escaping. This makes it possible...

6.1CVSS6.1AI score0.0061EPSS
Exploits0References4
CVE
CVE
added 2024/03/13 3:26 p.m.72 views

CVE-2024-0591

CVE-2024-0591 — wpDataTables WordPress plugin is a reflected XSS in the A parameter affecting versions up to 3.4.2.2, caused by insufficient input sanitization and output escaping. Unauthenticated attackers could inject scripts into pages that are executed when a user is tricked into performing a...

6.1CVSS6.4AI score0.0061EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/03/13 12:0 a.m.7 views

PT-2024-15672 · WordPress · Wpdatatables

Name of the Vulnerable Software and Affected Versions: wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress versions up to, and including, 3.4.2.2 Description: The issue is related to Reflected Cross-Site Scripting due to insufficient input sanitization a...

6.1CVSS8.8AI score0.0061EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.5 views

WordPress Plugin wpDataTables Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.1CVSS6.2AI score0.0061EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/02/21 12:0 a.m.12 views

WordPress wpDataTables Plugin <= 3.4.2.4 is vulnerable to Cross Site Scripting (XSS)

Software wpDataTables Type Plugin Vulnerable versions = 3.4.2.4 Fixed in 3.4.2.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0591 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 8b3b0085c333 Credits stealthcopter Required...

6.1CVSS6AI score0.0061EPSS
Exploits0References3Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/20 12:0 a.m.18 views

wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin < 3.4.2.5 - Reflected Cross-Site Scripting.

Description The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'A' parameter in all versions up to, and including, 3.4.2.2 due to insufficient input sanitization and output escaping. This makes...

5.8CVSS6.2AI score0.0061EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder