Wpdatatables Wordpress Data Table Dynamic Tables Table Charts Plugin
Monthly
Stored Cross-Site Scripting in wpDataTables WordPress plugin (all versions up to 6.5.0.4) allows unauthenticated attackers to inject malicious scripts into data tables via insufficient input sanitization in LinkWDTColumn, ImageWDTColumn, and EmailWDTColumn classes. Exploitation requires an Administrator to import attacker-controlled data with affected column types configured, but once injected, the malicious script executes for all users viewing the infected page. No public exploit code or active exploitation confirmed at time of analysis.
Stored Cross-Site Scripting in wpDataTables WordPress plugin (all versions up to 6.5.0.4) allows unauthenticated attackers to inject malicious scripts into data tables via insufficient input sanitization in LinkWDTColumn, ImageWDTColumn, and EmailWDTColumn classes. Exploitation requires an Administrator to import attacker-controlled data with affected column types configured, but once injected, the malicious script executes for all users viewing the infected page. No public exploit code or active exploitation confirmed at time of analysis.