🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Visualizer: Tables and Charts Manager for WordPress

Wordfence Intelligence > Vulnerability Database > WordPress Plugins > Visualizer: Tables and Charts Manager for WordPress

Information

Software Type	Plugin
Software Slug	visualizer (view on wordpress.org)
Software Status	Active
Software Author	themeisle
Software Website	themeisle.com
Software Downloads	1,660,576
Software Active Installs	30,000
Software Record Last Updated	April 24, 2024

9 Vulnerabilities

Visualizer <= 3.10.5 - Reflected Cross-Site Scripting

6.1

CVE-2024-27958

Mar 13, 2024

Researcher: stealthcopter

ThemeIsle SDK <= Various Versions - Missing Authorization

5.3

CVE-2024-1047

Feb 1, 2024

Researcher: Francesco Carlucci

Visualizer <= 3.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcodes

6.4

CVE-2023-23708

Feb 20, 2023

Researcher: Rafshanzani Suhada

Visualizer <= 3.9.1 - Authenticated(Contributor+) Stored Cross-Site Scripting

6.4

CVE-2022-46848

Feb 6, 2023

Researcher: Muhammad Daffa

Visualizer: Tables and Charts Manager for WordPress <= 3.7.9 - Authenticated (Contributor+) PHAR Deserialization

8.8

CVE-2022-2256

Jul 5, 2022

Researchers:

Visualizer: Tables and Charts Manager for WordPress <= 3.7.9 - Authenticated (Contributor+) PHAR Deserialization

8.8

CVE-2022-2444

Jul 5, 2022

Researcher: Rasoul Jahanshahi

Visualizer <= 3.7.6 - Reflected Cross-Site Scripting

6.1

CVE ID Unknown

May 31, 2022

Researcher: WPScanTeam

Visualizer: Tables and Charts Manager for WordPress <= 3.3.0 - Server-Side Request Forgery

9.3

CVE-2019-16932

Sep 28, 2019

Researcher: Nathan Davison

Visualizer: Tables and Charts Manager for WordPress <= 3.3.0 - Stored Cross-Site Scripting

6.1

CVE-2019-16931

Sep 28, 2019

Researcher: Nathan Davison

Title	CVE ID	CVSS	Researchers	Date
Visualizer <= 3.10.5 - Reflected Cross-Site Scripting	CVE-2024-27958	6.1	stealthcopter	March 13, 2024
ThemeIsle SDK <= Various Versions - Missing Authorization	CVE-2024-1047	5.3	Francesco Carlucci	February 1, 2024
Visualizer <= 3.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcodes	CVE-2023-23708	6.4	Rafshanzani Suhada	February 20, 2023
Visualizer <= 3.9.1 - Authenticated(Contributor+) Stored Cross-Site Scripting	CVE-2022-46848	6.4	Muhammad Daffa	February 6, 2023
Visualizer: Tables and Charts Manager for WordPress <= 3.7.9 - Authenticated (Contributor+) PHAR Deserialization	CVE-2022-2256	8.8		July 5, 2022
Visualizer: Tables and Charts Manager for WordPress <= 3.7.9 - Authenticated (Contributor+) PHAR Deserialization	CVE-2022-2444	8.8	Rasoul Jahanshahi	July 5, 2022
Visualizer <= 3.7.6 - Reflected Cross-Site Scripting		6.1	WPScanTeam	May 31, 2022
Visualizer: Tables and Charts Manager for WordPress <= 3.3.0 - Server-Side Request Forgery	CVE-2019-16932	9.3	Nathan Davison	September 28, 2019
Visualizer: Tables and Charts Manager for WordPress <= 3.3.0 - Stored Cross-Site Scripting	CVE-2019-16931	6.1	Nathan Davison	September 28, 2019

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation