🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Visualizer: Tables and Charts Manager for WordPress

Wordfence Intelligence > Vulnerability Database > WordPress Plugins > Visualizer: Tables and Charts Manager for WordPress

Information

Software Type	Plugin
Software Slug	visualizer (view on wordpress.org)
Software Status	Active
Software Author	themeisle
Software Website	themeisle.com
Software Downloads	1,693,864
Software Active Installs	30,000
Software Record Last Updated	May 18, 2024

10 Vulnerabilities

Visualizer: Tables and Charts Manager for WordPress <= 3.3.0 - Server-Side Request Forgery

9.3

CVE-2019-16932

Sep 28, 2019

Researcher: Nathan Davison

Visualizer: Tables and Charts Manager for WordPress <= 3.3.0 - Stored Cross-Site Scripting

6.1

CVE-2019-16931

Sep 28, 2019

Researcher: Nathan Davison

Visualizer <= 3.7.6 - Reflected Cross-Site Scripting

6.1

CVE ID Unknown

May 31, 2022

Researcher: WPScanTeam

Visualizer: Tables and Charts Manager for WordPress <= 3.7.9 - Authenticated (Contributor+) PHAR Deserialization

8.8

CVE-2022-2256

Jul 5, 2022

Researchers:

Visualizer: Tables and Charts Manager for WordPress <= 3.7.9 - Authenticated (Contributor+) PHAR Deserialization

8.8

CVE-2022-2444

Jul 5, 2022

Researcher: Rasoul Jahanshahi

Visualizer <= 3.9.1 - Authenticated(Contributor+) Stored Cross-Site Scripting

6.4

CVE-2022-46848

Feb 6, 2023

Researcher: Muhammad Daffa

Visualizer <= 3.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcodes

6.4

CVE-2023-23708

Feb 20, 2023

Researcher: Rafshanzani Suhada

ThemeIsle SDK <= Various Versions - Missing Authorization

5.3

CVE-2024-1047

Feb 1, 2024

Researcher: Francesco Carlucci

Visualizer <= 3.10.5 - Reflected Cross-Site Scripting

6.1

CVE-2024-27958

Mar 13, 2024

Researcher: stealthcopter

Visualizer: Tables and Charts Manager for WordPress <= 3.10.15 - Missing Authorization to Arbitrary SQL Execution

8.8

CVE-2024-3750

May 15, 2024

Researcher: Krzysztof Zając

Title	Status	CVE ID	CVSS	Researchers	Date
Visualizer: Tables and Charts Manager for WordPress <= 3.3.0 - Server-Side Request Forgery	Patched	CVE-2019-16932	9.3	Nathan Davison	September 28, 2019
Visualizer: Tables and Charts Manager for WordPress <= 3.3.0 - Stored Cross-Site Scripting	Patched	CVE-2019-16931	6.1	Nathan Davison	September 28, 2019
Visualizer <= 3.7.6 - Reflected Cross-Site Scripting	Patched		6.1	WPScanTeam	May 31, 2022
Visualizer: Tables and Charts Manager for WordPress <= 3.7.9 - Authenticated (Contributor+) PHAR Deserialization	Patched	CVE-2022-2256	8.8		July 5, 2022
Visualizer: Tables and Charts Manager for WordPress <= 3.7.9 - Authenticated (Contributor+) PHAR Deserialization	Patched	CVE-2022-2444	8.8	Rasoul Jahanshahi	July 5, 2022
Visualizer <= 3.9.1 - Authenticated(Contributor+) Stored Cross-Site Scripting	Patched	CVE-2022-46848	6.4	Muhammad Daffa	February 6, 2023
Visualizer <= 3.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcodes	Patched	CVE-2023-23708	6.4	Rafshanzani Suhada	February 20, 2023
ThemeIsle SDK <= Various Versions - Missing Authorization	Patched	CVE-2024-1047	5.3	Francesco Carlucci	February 1, 2024
Visualizer <= 3.10.5 - Reflected Cross-Site Scripting	Patched	CVE-2024-27958	6.1	stealthcopter	March 13, 2024
Visualizer: Tables and Charts Manager for WordPress <= 3.10.15 - Missing Authorization to Arbitrary SQL Execution	Patched	CVE-2024-3750	8.8	Krzysztof Zając	May 15, 2024

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation