RSS   Vulnerabilities for 'Data tables generator'   RSS

2022-07-17
 
CVE-2022-2114

CWE-79
 

 
The Data Tables Generator by Supsystic WordPress plugin before 1.10.20 does not sanitise and escape some of its Table settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)

 
2020-04-23
 
CVE-2020-12076

CWE-352
 

 
The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks CSRF nonce checks for AJAX actions. One consequence of this is stored XSS.

 
 
CVE-2020-12075

CWE-276
 

 
The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks capability checks for AJAX actions.

 

 >>> Vendor: Supsystic 10 Products
Contact form
Popup
Newsletter by supsystic
Pricing table by supsystic
Data tables generator
Ultimate maps
Easy google maps
Price table
Social share buttons
Digital publications by supsystic


Copyright 2024, cxsecurity.com

 

Back to Top