Tms Outsource

tms-outsource

23 CVEs • 3 products

Products (3)

Click to collapse

Toggle

Wpdatatables Lite

wpdatatables_lite

CVEs (23)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-24197 1Tms Outsource 1Wpdatatables Nov 21, 2024 Apr 12, 2021 N/A· v4 8.1 HIGH· v3 5.5 MEDIUM· v2 The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters t...Show more The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to access the data of another user that are present in the same table by taking over the user permissions on the table through formdata[wdt_ID] parameter. By exploiting this issue an attacker is able to access and manage the data of all users in the same table.Show less
CVE-2019-6012 1Tms Outsource 1Wpdatatables Lite Nov 21, 2024 Dec 26, 2019 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 SQL injection vulnerability in the wpDataTables Lite Version 2.0.11 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2019-6011 1Tms Outsource 1Wpdatatables Lite Nov 21, 2024 Dec 26, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting vulnerability in wpDataTables Lite Version 2.0.11 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.