Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tms-outsource wpdatatables vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-4314
The wpDataTables WordPress plugin prior to 2.1.66 does not validate the "Serialized PHP array" input data before deserializing the data. This allows admins to deserialize arbitrary data which may lead to remote code execution if a suitable gadget chain is present on the...
Tms-outsource Wpdatatables
NA
CVE-2023-23876
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in TMS-Plugins wpDataTables plugin <= 2.1.49 versions.
Tms-outsource Wpdatatables
490
VMScore
CVE-2021-24198
The wpDataTables – Tables & Table Charts premium WordPress plugin prior to 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to delete the data of another user that are prese...
Tms-outsource Wpdatatables
490
VMScore
CVE-2021-24197
The wpDataTables – Tables & Table Charts premium WordPress plugin prior to 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to access the data of another user that are prese...
Tms-outsource Wpdatatables
312
VMScore
CVE-2022-29432
Multiple Authenticated (administrator or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in TMS-Plugins wpDataTables plugin <= 2.1.27 on WordPress via &data-link-text, &data-link-url, &data, &data-shortcode, &data-star-num vulnerable...
Tms-outsource Wpdatatables
312
VMScore
CVE-2022-25618
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpDataTables (WordPress plugin) versions <= 2.1.27
Tms-outsource Wpdatatables Lite
383
VMScore
CVE-2019-6011
Cross-site scripting vulnerability in wpDataTables Lite Version 2.0.11 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Tms-outsource Wpdatatables Lite
578
VMScore
CVE-2019-6012
SQL injection vulnerability in the wpDataTables Lite Version 2.0.11 and previous versions allows remote authenticated malicious users to execute arbitrary SQL commands via unspecified vectors.
Tms-outsource Wpdatatables Lite
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started