CVE-2026-5721
- EPSS 0.27%
- Veröffentlicht 20.04.2026 22:25:26
- Zuletzt bearbeitet 22.04.2026 20:22:50
The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 6.5.0.4. This is due to insufficient input sanitization and output e...
CVE-2026-28039
- EPSS 0.35%
- Veröffentlicht 05.03.2026 06:16:36
- Zuletzt bearbeitet 28.04.2026 19:37:24
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpDataTables wpDataTables wpdatatables allows PHP Local File Inclusion.This issue affects wpDataTables: from n/a through <= 6.5.0...
CVE-2024-3821
- EPSS 0.33%
- Veröffentlicht 01.06.2024 09:15:09
- Zuletzt bearbeitet 15.04.2026 00:35:42
The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the wdt_ajax_actions.php file in all versions up to, and...
CVE-2024-4895
- EPSS 0.37%
- Veröffentlicht 23.05.2024 03:15:08
- Zuletzt bearbeitet 15.04.2026 00:35:42
The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the CSV import functionality in all versions up to, and including, 3.4.2.12 due to insufficient input ...
- EPSS 4.62%
- Veröffentlicht 08.02.2021 00:15:12
- Zuletzt bearbeitet 21.11.2024 05:56:48
wpDataTables before 3.4.1 mishandles order direction for server-side tables, aka admin-ajax.php?action=get_wdtable order[0][dir] SQL injection.
CVE-2014-9175
- EPSS 4.74%
- Veröffentlicht 02.12.2014 16:59:12
- Zuletzt bearbeitet 06.05.2026 22:30:45
SQL injection vulnerability in wpdatatables.php in the wpDataTables plugin 1.5.3 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the table_id parameter in a get_wdtable action to wp-admin/admin-ajax.php.