Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tms-outsource wpdatatables vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2023-4314
The wpDataTables WordPress plugin prior to 2.1.66 does not validate the "Serialized PHP array" input data before deserializing the data. This allows admins to deserialize arbitrary data which may lead to remote code execution if a suitable gadget chain is present on the...
Tms-outsource Wpdatatables
5.4
CVSSv3
CVE-2023-23876
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in TMS-Plugins wpDataTables plugin <= 2.1.49 versions.
Tms-outsource Wpdatatables
4.8
CVSSv3
CVE-2022-29432
Multiple Authenticated (administrator or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in TMS-Plugins wpDataTables plugin <= 2.1.27 on WordPress via &data-link-text, &data-link-url, &data, &data-shortcode, &data-star-num vulnerable...
Tms-outsource Wpdatatables
4.8
CVSSv3
CVE-2022-25618
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpDataTables (WordPress plugin) versions <= 2.1.27
Tms-outsource Wpdatatables Lite
8.1
CVSSv3
CVE-2021-24197
The wpDataTables – Tables & Table Charts premium WordPress plugin prior to 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to access the data of another user that are prese...
Tms-outsource Wpdatatables
8.1
CVSSv3
CVE-2021-24198
The wpDataTables – Tables & Table Charts premium WordPress plugin prior to 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to delete the data of another user that are prese...
Tms-outsource Wpdatatables
6.5
CVSSv3
CVE-2021-24199
The wpDataTables – Tables & Table Charts premium WordPress plugin prior to 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on ...
Tms-outsource Wpdatatables
6.5
CVSSv3
CVE-2021-24200
The wpDataTables – Tables & Table Charts premium WordPress plugin prior to 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on ...
Tms-outsource Wpdatatables
6.1
CVSSv3
CVE-2019-6011
Cross-site scripting vulnerability in wpDataTables Lite Version 2.0.11 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Tms-outsource Wpdatatables Lite
7.2
CVSSv3
CVE-2019-6012
SQL injection vulnerability in the wpDataTables Lite Version 2.0.11 and previous versions allows remote authenticated malicious users to execute arbitrary SQL commands via unspecified vectors.
Tms-outsource Wpdatatables Lite
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started