Unauthorized Data Modification Vulnerability in The Visualizer's Tables and Charts Manager for WordPress Plugin
CVE-2024-3750

8.8HIGH

Key Information:

Vendor: Wordpress
Status: Visualizer: Tables And Charts Manager For WordPress
Vendor: CVE Published:; 16 May 2024

What is CVE-2024-3750?

The Visualizer: Tables and Charts Manager for WordPress plugin is susceptible to unauthorized modifications and data retrieval due to a missing capability check in the getQueryData() function. All versions up to and including 3.10.15 are impacted, allowing authenticated attackers with subscriber-level access and above to execute arbitrary SQL queries. This vulnerability poses significant risks, including privilege escalation, thereby compromising the integrity and security of the WordPress site. Prompt updates and security measures are essential to mitigate potential threats associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Visualizer: Tables and Charts Manager for WordPress * <= 3.10.15

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://plugins.trac.wordpress.org/browser/visualizer/tru...

https://plugins.trac.wordpress.org/changeset/3086048/visu...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 16, 2024
Vulnerability Reserved
Apr 12, 2024

Credit

Krzysztof Zając

JSON

Wordpress

What is CVE-2024-3750?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.