Filtered by vendor Tms-outsource
Subscribe
Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-24199 | 1 Tms-outsource | 1 Wpdatatables | 2021-04-13 | 4.0 MEDIUM | 6.5 MEDIUM |
| The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on the 'start' HTTP POST parameter. This allows an attacker to access all the data in the database and obtain access to the WordPress application. | |||||
| CVE-2019-6011 | 1 Tms-outsource | 1 Wpdatatables Lite | 2020-01-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in wpDataTables Lite Version 2.0.11 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2019-6012 | 1 Tms-outsource | 1 Wpdatatables Lite | 2020-01-03 | 6.5 MEDIUM | 7.2 HIGH |
| SQL injection vulnerability in the wpDataTables Lite Version 2.0.11 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | |||||