WordPress Plugin Vulnerabilities

Data Tables Generator By Supsystic < 1.9.92 - Insecure Permissions on AJAX Actions

Description

The Data Tables Generator by Supsystic WordPress plugin was affected by an Insecure Permissions on AJAX Actions security vulnerability.

Affects Plugins

Plugin icon
data-tables-generator-by-supsystic
Fixed in 1.9.92

References

CVE
CVE-2020-12075
CVE
CVE-2020-12076
URL
https://www.wordfence.com/blog/2020/03/vulnerabilities-patched-in-the-data-tables-generator-by-supsystic-plugin/

Classification

Type
PRIVESC
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-269
CVSS
6.3 (medium)

Miscellaneous

Original Researcher
Chloe Chamberland (wordfence)
Verified
No
WPVDB ID
e486d8b5-8a70-4eb1-b45c-a1c5e659e685

Timeline

Publicly Published
2020-03-24 (about 6 years ago)
Added
2020-03-24 (about 6 years ago)
Last Updated
2020-04-24 (about 6 years ago)

Other

Published
Title
Published
2022-09-13
Title
WPGateway <= 3.5 - Unauthenticated Privilege Escalation
Published
2025-05-22
Title
Simple Business Directory Pro <= 15.4.8 - Unauthenticated Privilege Escalation
Published
2026-02-18
Title
Datalogics Ecommerce Delivery < 2.6.60 - Unauthenticated Privilege Escalation
Published
2025-11-03
Title
CE21 Suite <= 2.3.1 - Unauthenticated Sensitive Information Exposure to Privilege Escalation
Published
2025-04-23
Title
Buddypress Force Password Change <= 0.1 - Subscriber+ Account Takeover via Password Update