🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin

Wordfence Intelligence > Vulnerability Database > WordPress Plugins > wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin

Information

Software Type	Plugin
Software Slug	wpdatatables (view on wordpress.org)
Software Status	Active
Software Author	wpdatatables
Software Website	wpdatatables.com
Software Downloads	1,399,095
Software Active Installs	70,000
Software Record Last Updated	May 5, 2024

7 Vulnerabilities

wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin <= 3.4.2.2 - Reflected Cross-Site Scripting.

6.1

CVE-2024-0591

Feb 20, 2024

Researcher: stealthcopter

wpDataTables - Tables & Table Charts <= 2.1.65 - Authenticated(Administrator+) PHP Object Injection

6.6

CVE-2023-4314

Aug 16, 2023

Researcher: Jonatas Souza Villa Flor

wpDataTables <= 2.1.49 - Authenticated (Contributor+) Stored Cross Site Scripting

6.4

CVE-2023-23876

Feb 20, 2023

Researcher: Rafshanzani Suhada

wpDataTables <= 2.1.27 - Authenticated Cross-Site Scripting

5.5

CVE-2022-29432

May 6, 2022

Researcher: Vladislav Pokrovsky (ΞX.MI)

wpDataTables Lite plugin <= 2.0.11 - SQL injection

7.2

CVE-2019-6012

Oct 16, 2019

Researcher: Gen Sato

wpDataTables Lite plugin <= 2.0.11 - Cross-Site Scripting

6.1

CVE-2019-6011

Oct 16, 2019

Researcher: Gen Sato

wpDataTables (Premium) <= 1.5.3 - SQL Injection

9.8

CVE-2014-9175

Nov 23, 2014

Researcher: Claudio Viviani

Title	CVE ID	CVSS	Researchers	Date
wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin <= 3.4.2.2 - Reflected Cross-Site Scripting.	CVE-2024-0591	6.1	stealthcopter	February 20, 2024
wpDataTables - Tables & Table Charts <= 2.1.65 - Authenticated(Administrator+) PHP Object Injection	CVE-2023-4314	6.6	Jonatas Souza Villa Flor	August 16, 2023
wpDataTables <= 2.1.49 - Authenticated (Contributor+) Stored Cross Site Scripting	CVE-2023-23876	6.4	Rafshanzani Suhada	February 20, 2023
wpDataTables <= 2.1.27 - Authenticated Cross-Site Scripting	CVE-2022-29432	5.5	Vladislav Pokrovsky (ΞX.MI)	May 6, 2022
wpDataTables Lite plugin <= 2.0.11 - SQL injection	CVE-2019-6012	7.2	Gen Sato	October 16, 2019
wpDataTables Lite plugin <= 2.0.11 - Cross-Site Scripting	CVE-2019-6011	6.1	Gen Sato	October 16, 2019
wpDataTables (Premium) <= 1.5.3 - SQL Injection	CVE-2014-9175	9.8	Claudio Viviani	November 23, 2014

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation