CVE-2024-3821

HIGH

wpDataTables <6.3.2 - Info Disclosure

Title source: llm
STIX 2.1

Description

The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the wdt_ajax_actions.php file in all versions up to, and including, 6.3.2. This makes it possible for unauthenticated attackers to manipulate data tables. Please note this only affects the premium version of the plugin.

Scores

CVSS v3 7.3
EPSS 0.0032
EPSS Percentile 24.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-862
Status published
Products (1)
wpdatatables/wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin < 6.3.2
Published Jun 01, 2024
Tracked Since Feb 18, 2026