CVE-2026-28039
- EPSS 0.15%
- Veröffentlicht 05.03.2026 06:16:36
- Zuletzt bearbeitet 06.03.2026 19:16:21
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpDataTables wpDataTables wpdatatables allows PHP Local File Inclusion.This issue affects wpDataTables: from n/a through <= 6.5.0...
CVE-2024-3821
- EPSS 0.32%
- Veröffentlicht 01.06.2024 09:15:09
- Zuletzt bearbeitet 15.04.2026 00:35:42
The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the wdt_ajax_actions.php file in all versions up to, and...
CVE-2024-4895
- EPSS 3.32%
- Veröffentlicht 23.05.2024 03:15:08
- Zuletzt bearbeitet 15.04.2026 00:35:42
The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the CSV import functionality in all versions up to, and including, 3.4.2.12 due to insufficient input ...
- EPSS 9.12%
- Veröffentlicht 08.02.2021 00:15:12
- Zuletzt bearbeitet 21.11.2024 05:56:48
wpDataTables before 3.4.1 mishandles order direction for server-side tables, aka admin-ajax.php?action=get_wdtable order[0][dir] SQL injection.
CVE-2014-9175
- EPSS 4.85%
- Veröffentlicht 02.12.2014 16:59:12
- Zuletzt bearbeitet 12.04.2025 10:46:40
SQL injection vulnerability in wpdatatables.php in the wpDataTables plugin 1.5.3 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the table_id parameter in a get_wdtable action to wp-admin/admin-ajax.php.