Vulnerabilities > Supsystic > Data Tables Generator

DATE CVE VULNERABILITY TITLE RISK
2022-07-17 CVE-2022-2114 Cross-site Scripting vulnerability in Supsystic Data Tables Generator
The Data Tables Generator by Supsystic WordPress plugin before 1.10.20 does not sanitise and escape some of its Table settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)
network
supsystic CWE-79
3.5
3.5
2020-04-23 CVE-2020-12076 Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Data Tables Generator
The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks CSRF nonce checks for AJAX actions.
network
supsystic CWE-352
6.8
6.8
2020-04-23 CVE-2020-12075 Incorrect Default Permissions vulnerability in Supsystic Data Tables Generator
The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks capability checks for AJAX actions.
network
low complexity
supsystic CWE-276
6.5
6.5