Vulnerabilities > TMS Outsource > Wpdatatables > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-05-03 CVE-2023-23876 Unspecified vulnerability in Tms-Outsource Wpdatatables
Auth.
network
low complexity
tms-outsource
5.4
5.4
2022-05-20 CVE-2022-29432 Unspecified vulnerability in Tms-Outsource Wpdatatables
Multiple Authenticated (administrator or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in TMS-Plugins wpDataTables plugin <= 2.1.27 on WordPress via &data-link-text, &data-link-url, &data, &data-shortcode, &data-star-num vulnerable parameters.
network
low complexity
tms-outsource
4.8
4.8
2021-04-12 CVE-2021-24200 Unspecified vulnerability in Tms-Outsource Wpdatatables
The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on the 'length' HTTP POST parameter.
network
low complexity
tms-outsource
6.5
6.5
2021-04-12 CVE-2021-24199 Unspecified vulnerability in Tms-Outsource Wpdatatables
The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on the 'start' HTTP POST parameter.
network
low complexity
tms-outsource
6.5
6.5