CVE-2024-12772

Medium CVSS: 5.4

The Ninja Tables WordPress plugin before 5.0.17 does not sanitize and escape a parameter before outputting it back in the page when importing a CSV, leading to a Cross Site Scripting vulnerability.

Vendor

Wpmanageninja

Product

Ninja Tables

CWE

CWE-79

Yayın Tarihi

2025-01-31 06:15:27

Güncelleme

2025-03-28 18:08:42

Source Identifier

contact@wpscan.com

KEV Date Added

Kategoriler

CWE-79 Ninja Tables MEDIUM Wpmanageninja 2025

Referanslar

https://wpscan.com/vulnerability/7b6d0f95-6632-4079-8c1b-517a8d02c330/

Benzer Kayıtlar

High

CVE-2025-2940

The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all vers…

Medium

CVE-2025-2939

The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up…

High

CVE-2024-13568

The Fluent Support – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable to Sensitive Informati…