https://www.lyleswaterbeds.com.au - iThemes Security Site Scanner

WordPress Ninja Tables – Easy Data Table Builder plugin <= 5.2.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Table Creation vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:: Broken Access Control
Score:: 4.3

Fixed in Version 5.2.7

PatchStack

Details

CVE

2026-2306

Publicly Published: 2026-05-05
Created: 2026-05-06

WordPress Ninja Tables plugin <= 5.2.5 - Sensitive Data Exposure vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:: Sensitive Data Exposure
Score:: 4.3

Fixed in Version 5.2.6

PatchStack

Details

CVE

2026-25008

Publicly Published: 2026-01-18
Created: 2026-02-17

WordPress Ninja Tables plugin <= 5.2.4 - SQL Injection vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:: SQL Injection
Score:: 8.5

Fixed in Version 5.2.5

PatchStack

Details

CVE

2025-69351

Publicly Published: 2026-01-07
Created: 2026-01-06

WordPress Ninja Tables plugin <= 5.2.3 - SQL Injection vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:: SQL Injection
Score:: 7.6

Fixed in Version 5.2.4

PatchStack

Details

CVE

2025-67519

Publicly Published: 2025-12-15
Created: 2025-12-09

WordPress Ninja Tables – Easy Data Table Builder plugin <= 5.0.18 - Unauthenticated Server-Side Request Forgery vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:: Server Side Request Forgery (SSRF)
Score:: 7.2

Fixed in Version 5.0.19

PatchStack

Details

CVE

2025-2940

Publicly Published: 2025-06-26
Created: 2025-06-26

WordPress Ninja Tables – Easy Data Table Builder plugin <= 5.0.18 - Unauthenticated PHP Object Injection to Limited Remote Code Execution vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:: PHP Object Injection
Score:: 9.8

Fixed in Version 5.0.19

PatchStack

Details

CVE

2025-2939

Publicly Published: 2025-06-02
Created: 2025-06-02

WordPress Ninja Tables plugin < 5.0.17 - Admin+ Stored XSS vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:: Cross Site Scripting (XSS)
Score:: 5.9

Fixed in Version 5.0.17

PatchStack

Details

CVE

2024-12772

Publicly Published: 2025-01-31
Created: 2025-01-31

WordPress Ninja Tables plugin <= 5.0.12 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:: Cross Site Scripting (XSS)
Score:: 5.9

Fixed in Version 5.0.13

PatchStack

Details

CVE

2024-7304

Publicly Published: 2024-08-27
Created: 2024-08-27

WordPress Ninja Tables plugin <= 5.0.9 - Server Side Request Forgery (SSRF) vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:: Server Side Request Forgery (SSRF)
Score:: 4.4

Fixed in Version 5.0.10

PatchStack

Details

CVE

2024-35635

Publicly Published: 2024-05-30
Created: 2024-05-30

WordPress Ninja Tables plugin <= 5.0.5 - Broken Access Control vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:: Broken Access Control
Score:: 5.3

Fixed in Version 5.0.6

PatchStack

Details

CVE

2024-23504

Publicly Published: 2024-01-19
Created: 2024-01-19

WordPress Ninja Tables plugin <= 5.0.6 - Broken Access Control vulnerability

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:: Broken Access Control
Score:: 4.3

Fixed in Version 5.0.7

PatchStack

Details

CVE

2024-23503

Publicly Published: 2024-01-19
Created: 2024-01-19

WordPress Ninja Tables – Best Data Table Plugin for WordPress plugin <= 4.3.4 - Cross Site Scripting (XSS)

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:: Cross Site Scripting (XSS)
Score:: 5.9

Fixed in Version 4.3.5

PatchStack

Details

CVE

2022-47137

Publicly Published: 2023-04-19
Created: 2023-04-20

WordPress Ninja Tables – Best Data Table Plugin for WordPress plugin <= 4.3.4 - Cross Site Request Forgery (CSRF)

Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.

Type:: Cross Site Request Forgery (CSRF)
Score:: 4.3

Fixed in Version 4.3.5

PatchStack

Details

CVE

2022-47136

Publicly Published: 2023-04-19
Created: 2023-08-17