Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wpdatatables vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-9175
SQL injection vulnerability in wpdatatables.php in the wpDataTables plugin 1.5.3 and previous versions for WordPress allows remote malicious users to execute arbitrary SQL commands via the table_id parameter in a get_wdtable action to wp-admin/admin-ajax.php.
Wpdatatables Wpdatatables
1 EDB exploit
9.8
CVSSv3
CVE-2021-26754
wpDataTables prior to 3.4.1 mishandles order direction for server-side tables, aka admin-ajax.php?action=get_wdtable order[0][dir] SQL injection.
Wpdatatables Wpdatatables
7.2
CVSSv3
CVE-2023-4314
The wpDataTables WordPress plugin prior to 2.1.66 does not validate the "Serialized PHP array" input data before deserializing the data. This allows admins to deserialize arbitrary data which may lead to remote code execution if a suitable gadget chain is present on the...
Tms-outsource Wpdatatables
5.4
CVSSv3
CVE-2023-23876
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in TMS-Plugins wpDataTables plugin <= 2.1.49 versions.
Tms-outsource Wpdatatables
4.8
CVSSv3
CVE-2022-29432
Multiple Authenticated (administrator or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in TMS-Plugins wpDataTables plugin <= 2.1.27 on WordPress via &data-link-text, &data-link-url, &data, &data-shortcode, &data-star-num vulnerable...
Tms-outsource Wpdatatables
8.1
CVSSv3
CVE-2021-24197
The wpDataTables – Tables & Table Charts premium WordPress plugin prior to 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to access the data of another user that are prese...
Tms-outsource Wpdatatables
8.1
CVSSv3
CVE-2021-24198
The wpDataTables – Tables & Table Charts premium WordPress plugin prior to 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to delete the data of another user that are prese...
Tms-outsource Wpdatatables
4.8
CVSSv3
CVE-2022-25618
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpDataTables (WordPress plugin) versions <= 2.1.27
Tms-outsource Wpdatatables Lite
6.1
CVSSv3
CVE-2019-6011
Cross-site scripting vulnerability in wpDataTables Lite Version 2.0.11 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Tms-outsource Wpdatatables Lite
7.2
CVSSv3
CVE-2019-6012
SQL injection vulnerability in the wpDataTables Lite Version 2.0.11 and previous versions allows remote authenticated malicious users to execute arbitrary SQL commands via unspecified vectors.
Tms-outsource Wpdatatables Lite
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »