CVE-2020-12076

CVSS 9.6 CRITICALEPSS 0.7%

The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks CSRF nonce checks for AJAX actions. One consequence of this is stored XSS.

CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:R

Produtos afetados

n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.wordfence.com/blog/2020/03/vulnerabilities-patched-in-the-data-tables-generator-by-supsystic-plugin/