Incorrect Authorization Vulnerability Affects Data Tables Generator
CVE-2023-25043

5MEDIUM

Key Information:

Vendor: WordPress
Status: Data Tables Generator
Vendor: CVE Published:; 17 April 2024

Summary

An authorization flaw has been identified in the Supsystic Data Tables Generator, which may allow attackers to perform unauthorized actions. This vulnerability impacts all versions from n/a up to 1.10.25, raising significant concerns for WordPress users who utilize this plugin. The flaw stems from incorrect access control measures, which can compromise the security of sensitive data. Users are encouraged to evaluate their use of the Data Tables Generator and adhere to best practices in managing plugin vulnerabilities.

Affected Version(s)

Data Tables Generator <= 1.10.25

References

https://patchstack.com/database/vulnerability/data-tables...

vdb-entry

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Apr 17, 2024
Vulnerability Reserved
Feb 2, 2023

Credit

Rafshanzani Suhada (Patchstack Alliance)