3 matches found
CVE-2020-12075
The CVE pertains to the WordPress plugin Data Tables Generator by Supsystic prior to version 1.9.92, which lacks proper capability checks for AJAX actions. This creates an insecure permissions condition for AJAX endpoints in the plugin, as documented by NVD and corroborated by Red Hat and other s...
CVE-2020-12076
The WordPress plugin Data Tables Generator by Supsystic is vulnerable prior to version 1.9.92 due to missing CSRF nonce checks on AJAX actions, leading to stored XSS. Multiple sources (NVD/Red Hat/OpenVAS entries and related advisories) confirm this issue and its impact. Remediation: upgrade to 1...
CVE-2022-2114
The CVE-2022-2114 entry concerns the WordPress plugin Data Tables Generator by Supsystic. The vulnerability arises because the plugin before version 1.10.20 does not sanitise and escape certain Table settings, enabling stored XSS for high-privilege users (e.g., admin) when unfiltered_html is disa...