Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tms-outsource vulnerabilities and exploits
(subscribe to this query)
490
VMScore
CVE-2022-0837
The Amelia WordPress plugin prior to 1.0.48 does not have proper authorisation when handling Amelia SMS service, allowing any customer to send paid test SMS notification as well as retrieve sensitive information about the admin, such as the email, account balance and payment hist...
Tms-outsource Amelia
490
VMScore
CVE-2021-24197
The wpDataTables – Tables & Table Charts premium WordPress plugin prior to 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to access the data of another user that are prese...
Tms-outsource Wpdatatables
383
VMScore
CVE-2022-0616
The Amelia WordPress plugin prior to 1.0.47 does not have CSRF check in place when deleting customers, which could allow malicious users to make a logged in admin delete arbitrary customers via a CSRF attack
Tms-outsource Amelia
NA
CVE-2023-4314
The wpDataTables WordPress plugin prior to 2.1.66 does not validate the "Serialized PHP array" input data before deserializing the data. This allows admins to deserialize arbitrary data which may lead to remote code execution if a suitable gadget chain is present on the...
Tms-outsource Wpdatatables
NA
CVE-2023-50860
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TMS Booking for Appointments and Events Calendar – Amelia allows Stored XSS.This issue affects Booking for Appointments and Events Calendar – Amelia: from n...
Tms-outsource Amelia
312
VMScore
CVE-2022-25618
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpDataTables (WordPress plugin) versions <= 2.1.27
Tms-outsource Wpdatatables Lite
383
VMScore
CVE-2019-6011
Cross-site scripting vulnerability in wpDataTables Lite Version 2.0.11 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Tms-outsource Wpdatatables Lite
578
VMScore
CVE-2019-6012
SQL injection vulnerability in the wpDataTables Lite Version 2.0.11 and previous versions allows remote authenticated malicious users to execute arbitrary SQL commands via unspecified vectors.
Tms-outsource Wpdatatables Lite
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2