Vulnerabilities > Wpmanageninja > Ninja Tables > 5.0.10
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-31 | CVE-2024-12772 | Cross-site Scripting vulnerability in Wpmanageninja Ninja Tables The Ninja Tables WordPress plugin before 5.0.17 does not sanitize and escape a parameter before outputting it back in the page when importing a CSV, leading to a Cross Site Scripting vulnerability. | 5.4 |
| 2024-08-27 | CVE-2024-7304 | Cross-site Scripting vulnerability in Wpmanageninja Ninja Tables The Ninja Tables – Easiest Data Table Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.0.12 due to insufficient input sanitization and output escaping. | 5.4 |