8 matches found
CVE-2022-29432
CVE-2022-29432 covers multiple authenticated persistent XSS vulnerabilities in the WordPress plugin wpDataTables (versions
CVE-2024-0591
CVE-2024-0591 — wpDataTables WordPress plugin is a reflected XSS in the A parameter affecting versions up to 3.4.2.2, caused by insufficient input sanitization and output escaping. Unauthenticated attackers could inject scripts into pages that are executed when a user is tricked into performing a...
CVE-2021-24198
The CVE concerns wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2, with Improper Access Control . A low-privilege authenticated user, on the page where a table is published, can tamper with parameters (id_key, id_val) to delete data belonging to other users in the same t...
CVE-2023-4314
The wpDataTables WordPress plugin prior to version 2.1.66 fails to validate the input for the Serialized PHP array before deserialization, enabling an admin-assisted PHP object injection that may lead to remote code execution if a gadget chain exists. Affected software: wpDataTables
CVE-2021-24197
The CVE concerns wpDataTables – Tables & Table Charts premium WordPress plugin, version prior to 3.4.2. The vulnerability is Improper Access Control: a low-privileged authenticated user visiting a published table page can tamper with request parameters (formdata[wdt_ID]) to assume table permissio...
CVE-2023-23876
CVE-2023-23876 relates to a stored XSS vulnerability in the WordPress plugin wpDataTables (TMS-Plugins) versions 2.1.49. Public references indicate the impact is limited to this plugin/version range; no exploits or in-the-wild details are provided in the provided documents.
CVE-2021-24200
The CVE-2021-24200 vulnerability affects the wpDataTables – Tables & Table Charts premium WordPress plugin prior to version 3.4.2. A low-privilege authenticated user can trigger a Boolean-based blind SQL Injection on the table list page via /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, ...
CVE-2021-24199
CVE-2021-24199 affects the wpDataTables – Tables & Table Charts premium WordPress plugin (versions before 3.4.2). The vulnerability is a Boolean-based blind SQL Injection in the table list page, exploitable via the POST parameter start on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&t...