cbcvebase.

Supsystic Data Tables Generator vulnerabilities

4 known vulnerabilities affecting supsystic/data_tables_generator.

Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
HIGH2MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2020-12075P2HIGHCVSS 8.8Exploitedfixed in 1.9.922020-04-23
CVE-2020-12075 [HIGH] CWE-276 CVE-2020-12075: The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks capability checks fo The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks capability checks for AJAX actions.
nvd
CVE-2020-12076P4HIGHCVSS 8.8fixed in 1.9.922020-04-23
CVE-2020-12076 [HIGH] CWE-352 CVE-2020-12076: The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks CSRF nonce checks fo The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks CSRF nonce checks for AJAX actions. One consequence of this is stored XSS.
nvd
CVE-2023-25043P4MEDIUMCVSS 4.3≥ n/a, ≤ 1.10.252024-04-17
CVE-2023-25043 [MEDIUM] CWE-863 CVE-2023-25043: Incorrect Authorization vulnerability in Supsystic Data Tables Generator.This issue affects Data Tab Incorrect Authorization vulnerability in Supsystic Data Tables Generator.This issue affects Data Tables Generator: from n/a through 1.10.25.
nvd
CVE-2022-2114P4MEDIUMCVSS 4.8fixed in 1.10.202022-07-17
CVE-2022-2114 [MEDIUM] CWE-79 CVE-2022-2114: The Data Tables Generator by Supsystic WordPress plugin before 1.10.20 does not sanitise and escape The Data Tables Generator by Supsystic WordPress plugin before 1.10.20 does not sanitise and escape some of its Table settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)
nvd
Supsystic Data Tables Generator vulnerabilities | cvebase