cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-3750,https://securityvulnerability.io/vulnerability/CVE-2024-3750,Unauthorized Data Modification Vulnerability in The Visualizer's Tables and Charts Manager for WordPress Plugin,"The Visualizer: Tables and Charts Manager for WordPress plugin is susceptible to unauthorized modifications and data retrieval due to a missing capability check in the getQueryData() function. All versions up to and including 3.10.15 are impacted, allowing authenticated attackers with subscriber-level access and above to execute arbitrary SQL queries. This vulnerability poses significant risks, including privilege escalation, thereby compromising the integrity and security of the WordPress site. Prompt updates and security measures are essential to mitigate potential threats associated with this vulnerability.",Wordpress,Visualizer: Tables And Charts Manager For WordPress,8.8,HIGH,0.00044999999227002263,false,,false,false,false,,false,false,2024-05-16T02:36:48.950Z,0
CVE-2023-23708,https://securityvulnerability.io/vulnerability/CVE-2023-23708,WordPress Visualizer Plugin <= 3.9.4 is vulnerable to Cross Site Scripting (XSS),Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Themeisle Visualizer: Tables and Charts Manager for WordPress plugin <= 3.9.4 versions.,Wordpress,Visualizer: Tables and Charts Manager for WordPress,5.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2023-05-03T13:15:00.000Z,0
CVE-2022-46848,https://securityvulnerability.io/vulnerability/CVE-2022-46848,WordPress Visualizer Plugin <= 3.9.1 is vulnerable to Cross Site Scripting (XSS),Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Themeisle Visualizer: Tables and Charts Manager for WordPress plugin <= 3.9.1 versions.,Wordpress,Visualizer: Tables And Charts Manager For WordPress,6.5,MEDIUM,0.0005000000237487257,false,,false,false,false,,false,false,2023-03-28T07:50:28.657Z,0
CVE-2022-2444,https://securityvulnerability.io/vulnerability/CVE-2022-2444,Visualizer: Tables and Charts Manager for WordPress <= 3.7.9 - Authenticated (Contributor+) PHAR Deserialization,"The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to deserialization of untrusted input via the 'remote_data' parameter in versions up to, and including 3.7.9. This makes it possible for authenticated attackers with contributor privileges and above to call files using a PHAR wrapper that will deserialize the data and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP chain is also present. It also requires that the attacker is successful in uploading a file with the serialized payload.",Wordpress,Visualizer: Tables And Charts Manager For WordPress,8.8,HIGH,0.00343000004068017,false,,false,false,false,,false,false,2022-07-18T16:13:34.000Z,0