SQL Injection Vulnerability in jtrt-responsive-tables Plugin for WordPress
CVE-2017-18597

8.8HIGH

Key Information:

Vendor
Wordpress
Status
Jtrt Responsive Tables
Vendor
CVE Published:
10 September 2019

Summary

The jtrt-responsive-tables plugin for WordPress is susceptible to SQL Injection due to insufficient input validation in the admin/class-jtrt-responsive-tables-admin.php file. This vulnerability allows an attacker to manipulate SQL queries via the tableId parameter, potentially leading to unauthorized access to database information and critical data exposure.

References

https://wpvulndb.com/vulnerabilities/8953
x_refsource_MISC
https://wordpress.org/plugins/jtrt-responsive-tables/#dev...
x_refsource_MISC
http://lenonleite.com.br/en/2017/09/11/jtrt-responsive-ta...
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.