Data Tables Generator By Supsystic < 1.9.92 - Insecure Permissions on AJAX Actions

Affects Plugin

fixed in version 1.9.92

References

CVE 2020-12075
CVE 2020-12076
URL https://www.wordfence.com/blog/2020/03/vulnerabilities-patched-in-the-data-tables-generator-by-supsystic-plugin/

Classification

Type PRIVESC
OWASP Top 10 A2: Broken Authentication and Session Management
CWE CWE-269

Miscellaneous

Original Researcher Chloe Chamberland (wordfence)
Views 885
Verified No
WPVDB ID 10146

Timeline

Publicly Published 2020-03-24 (2 months ago)
Added 2020-03-24 (2 months ago)
Last Updated 2020-04-24 (about 1 month ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin