Wpmanageninja

Ninja Tables

10 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2025-2940

  • EPSS 0.11%
  • Published 27.06.2025 08:23:57
  • Last modified 07.07.2025 15:35:41

The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.18 via the args[url] parameter. This makes it possible for unauthenticated attackers to make web re...

5.6

CVE-2025-2939

  • EPSS 0.08%
  • Published 03.06.2025 02:27:34
  • Last modified 10.07.2025 14:20:31

The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.0.18 via deserialization of untrusted input from the args[callback] parameter . This makes it possible for u...

5.4

CVE-2024-12772

Exploit
  • EPSS 0.01%
  • Published 31.01.2025 06:15:27
  • Last modified 28.03.2025 18:08:42

The Ninja Tables WordPress plugin before 5.0.17 does not sanitize and escape a parameter before outputting it back in the page when importing a CSV, leading to a Cross Site Scripting vulnerability.

5.4

CVE-2024-7304

  • EPSS 0.09%
  • Published 27.08.2024 07:15:04
  • Last modified 12.09.2024 21:32:36

The Ninja Tables – Easiest Data Table Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.0.12 due to insufficient input sanitization and output escaping. This makes i...

5.3

CVE-2024-23504

  • EPSS 0.28%
  • Published 14.06.2024 06:15:11
  • Last modified 21.11.2024 08:57:50

Missing Authorization vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a through 5.0.5.

4.3

CVE-2024-23503

  • EPSS 0.07%
  • Published 11.06.2024 16:15:18
  • Last modified 21.11.2024 08:57:50

Missing Authorization vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a through 5.0.6.

4.9

CVE-2024-35635

  • EPSS 0.16%
  • Published 03.06.2024 10:15:14
  • Last modified 03.04.2025 00:11:56

Server-Side Request Forgery (SSRF) vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a through 5.0.9.

8.8

CVE-2022-47136

  • EPSS 0.06%
  • Published 25.05.2023 12:15:10
  • Last modified 21.11.2024 07:31:33

Cross-Site Request Forgery (CSRF) vulnerability in WPManageNinja LLC Ninja Tables – Best Data Table Plugin for WordPress plugin <= 4.3.4 versions.

4.8

CVE-2022-47137

  • EPSS 0.06%
  • Published 10.05.2023 11:15:09
  • Last modified 21.11.2024 07:31:34

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPManageNinja LLC Ninja Tables plugin <= 4.3.4 versions.

4.8

CVE-2021-24900

Exploit
  • EPSS 0.28%
  • Published 01.02.2022 13:15:08
  • Last modified 21.11.2024 05:53:58

The Ninja Tables WordPress plugin before 4.1.8 does not sanitise and escape some of its table fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed