Skip to main content
CVE-2024-3820 CRITICAL Act Now

The wpDataTables - WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to SQL Injection via the 'id_key' parameter of the wdt_delete_table_row AJAX action in. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi WordPress
NVD
CVSS 3.1
10.0
EPSS
2.1%
CVE-2024-3200 CRITICAL PATCH Act Now

The wpForo Forum plugin for WordPress is vulnerable to SQL Injection via the 'slug' attribute of the 'wpforo' shortcode in all versions up to, and including, 2.3.3 due to insufficient escaping on the. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity.

SQLi WordPress Wpforo Forum
NVD
CVSS 3.1
9.9
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy