7 matches found
CVE-2019-16931
The WordPress Visualizer plugin (versions prior to 3.3.1; affected entry cites 3.3.0) contains a stored XSS via the WP-JSON API endpoint /wp-json/visualizer/v1/update-chart. The root cause is that Block.php registers this endpoint with no access control and Data.php lacks output sanitization, all...
CVE-2019-16932
CVE-2019-16932 affects the WordPress Visualizer plugin
CVE-2024-27958
CVE-2024-27958 is a Reflected XSS in Themeisle Visualizer (Visualizer: Tables and Charts Manager for WordPress). Affected: Visualizer (n/a through 3.10.5). Root cause: improper neutralization of input during web page generation. Impact per description: Reflected XSS. Remediation: update to patche...
CVE-2022-2444
The CVE-2022-2444 issue affects the WordPress plugin Visualizer (Tables and Charts Manager) up to version 3.7.9. It hinges on deserialization of untrusted input via the remote_data parameter, allowing authenticated attackers with contributor privileges to upload a payload that can be executed thr...
CVE-2022-46848
CVE-2022-46848 affects the WordPress plugin Themeisle Visualizer: Tables and Charts Manager, versioned
CVE-2024-35736
CVE-2024-35736 concerns Themeisle Visualizer (Visualizer: Tables and Charts Manager for WordPress). A SQL Injection was reported due to improper neutralization of special elements in the plugin, affecting Visualizer: from n/a through 3.11.1. The linked data shows a CVSS base score of 8.8 (high) w...
CVE-2023-23708
The CVE-2023-23708 entry concerns the WordPress plugin Themeisle Visualizer: Tables and Charts Manager for WordPress (WordPress Visualizer), with affected versions listed as 3.9.4 (fix available in 3.9.5 according to Patchstack). There is no explicit information about in-the-wild exploitation in the prov...