Vulnerabilities > TMS Outsource > Wpdatatables > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-05-03 CVE-2023-23876 Cross-site Scripting vulnerability in Tms-Outsource Wpdatatables
Auth.
network
low complexity
tms-outsource CWE-79
5.4
5.4
2021-04-12 CVE-2021-24200 SQL Injection vulnerability in Tms-Outsource Wpdatatables
The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on the 'length' HTTP POST parameter.
network
low complexity
tms-outsource CWE-89
4.0
4.0
2021-04-12 CVE-2021-24199 SQL Injection vulnerability in Tms-Outsource Wpdatatables
The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on the 'start' HTTP POST parameter.
network
low complexity
tms-outsource CWE-89
4.0
4.0
2021-04-12 CVE-2021-24198 Unspecified vulnerability in Tms-Outsource Wpdatatables
The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control.
network
low complexity
tms-outsource
5.5
5.5
2021-04-12 CVE-2021-24197 Unspecified vulnerability in Tms-Outsource Wpdatatables
The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control.
network
low complexity
tms-outsource
5.5
5.5