cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-3820,https://securityvulnerability.io/vulnerability/CVE-2024-3820,Unauthenticated SQL Injection Vulnerability in wpDataTables Plugin Affects Premium Users,"The wpDataTables Plugin for WordPress is prone to SQL Injection vulnerabilities via the 'id_key' parameter associated with the wdt_delete_table_row AJAX action. This flaw arises from inadequate escaping of user-supplied data and insufficient preparation of SQL queries. As a result, unauthenticated attackers can manipulate existing SQL commands, potentially gaining unauthorized access to sensitive information stored in the database. This vulnerability impacts the premium version of the plugin and poses significant risks for website owners utilizing this feature.",Wordpress,"WPdatatables – WordPress Data Table, Dynamic Tables & Table Charts Plugin",10,CRITICAL,0.0004299999854993075,false,,false,false,false,,false,false,2024-06-01T08:38:58.419Z,0
CVE-2024-3821,https://securityvulnerability.io/vulnerability/CVE-2024-3821,Unauthorized Access Vulnerability in wpDataTables Plugin Affects Premium Version,"The wpDataTables plugin for WordPress is exposed to a significant security vulnerability due to inadequate capability checks in the wdt_ajax_actions.php file. This flaw affects all versions up to and including 6.3.2 and specifically impacts the premium version of the plugin. Unauthorized attackers can exploit this vulnerability to manipulate data tables within WordPress sites, posing a risk to both data integrity and user trust. Website administrators using this plugin should prioritize the application of patches or updates to remedy this weak point.",Wordpress,"WPdatatables – WordPress Data Table, Dynamic Tables & Table Charts Plugin",7.3,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,2024-06-01T08:38:55.760Z,0
CVE-2024-4895,https://securityvulnerability.io/vulnerability/CVE-2024-4895,Stored Cross-Site Scripting Vulnerability in wpDataTables Plugin,"The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the CSV import functionality in all versions up to, and including, 3.4.2.12 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",Wordpress,"WPdatatables – WordPress Data Table, Dynamic Tables & Table Charts Plugin",4.7,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-05-23T02:33:06.431Z,0
CVE-2024-0591,https://securityvulnerability.io/vulnerability/CVE-2024-0591,Reflected Cross-Site Scripting Vulnerability in wpDataTables Plugin for WordPress,The wpDataTables plugin for WordPress is susceptible to Reflected Cross-Site Scripting due to inadequate sanitization of user input and improper escaping of output. Attackers may leverage this flaw by tricking users into clicking malicious links that execute arbitrary web scripts within the context of the site. This vulnerability affects all versions of the plugin up to 3.4.2.2 and poses a significant risk to the security of websites utilizing this plugin.,Wordpress,"WPdatatables – WordPress Data Table, Dynamic Tables & Table Charts Plugin",6.1,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-03-13T15:26:50.625Z,0