Vulnerability Details CVE-2022-29432
Multiple Authenticated (administrator or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in TMS-Plugins wpDataTables plugin <= 2.1.27 on WordPress via &data-link-text, &data-link-url, &data, &data-shortcode, &data-star-num vulnerable parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.4%
CVSS Severity
CVSS v3 Score 3.4
CVSS v2 Score 3.5
References
- https://patchstack.com/database/vulnerability/wpdatatables/wordpress-wpdatatables-plugin-2-1-27-multiple-authenticated-persistent-cross-site-scripting-xss-vulnerabilities
- https://wordpress.org/plugins/wpdatatables/#developers
- https://patchstack.com/database/vulnerability/wpdatatables/wordpress-wpdatatables-plugin-2-1-27-multiple-authenticated-persistent-cross-site-scripting-xss-vulnerabilities
- https://wordpress.org/plugins/wpdatatables/#developers
Products affected by CVE-2022-29432
-
cpe:2.3:a:tms-outsource:wpdatatables:1.1
-
cpe:2.3:a:tms-outsource:wpdatatables:1.2
-
cpe:2.3:a:tms-outsource:wpdatatables:1.3
-
cpe:2.3:a:tms-outsource:wpdatatables:1.3.1
-
cpe:2.3:a:tms-outsource:wpdatatables:1.4
-
cpe:2.3:a:tms-outsource:wpdatatables:1.4.1
-
cpe:2.3:a:tms-outsource:wpdatatables:1.5
-
cpe:2.3:a:tms-outsource:wpdatatables:1.5.1
-
cpe:2.3:a:tms-outsource:wpdatatables:1.5.2
-
cpe:2.3:a:tms-outsource:wpdatatables:1.5.3
-
cpe:2.3:a:tms-outsource:wpdatatables:1.5.4
-
cpe:2.3:a:tms-outsource:wpdatatables:1.5.5
-
cpe:2.3:a:tms-outsource:wpdatatables:1.5.6
-
cpe:2.3:a:tms-outsource:wpdatatables:1.6
-
cpe:2.3:a:tms-outsource:wpdatatables:1.6.1
-
cpe:2.3:a:tms-outsource:wpdatatables:1.6.2
-
cpe:2.3:a:tms-outsource:wpdatatables:1.7
-
cpe:2.3:a:tms-outsource:wpdatatables:1.7.1
-
cpe:2.3:a:tms-outsource:wpdatatables:1.7.2
-
cpe:2.3:a:tms-outsource:wpdatatables:2.0
-
cpe:2.3:a:tms-outsource:wpdatatables:2.0.1
-
cpe:2.3:a:tms-outsource:wpdatatables:2.0.2
-
cpe:2.3:a:tms-outsource:wpdatatables:2.1