Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Ninja Tables

Source -

CNA

CNA CVEs -

5

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
5Vulnerabilities found
CVE-2024-12772
Assigner-WPScan
ShareView Details
Assigner-WPScan
CVSS Score-6.1||MEDIUM
EPSS-0.01% / 1.13%
||
7 Day CHG~0.00%
Published-31 Jan, 2025 | 06:00
Updated-28 Mar, 2025 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ninja Tables < 5.0.17 - Admin+ Stored XSS

The Ninja Tables WordPress plugin before 5.0.17 does not sanitize and escape a parameter before outputting it back in the page when importing a CSV, leading to a Cross Site Scripting vulnerability.

Action-Not Available
Vendor-wpmanageninjaUnknown
Product-ninja_tablesNinja Tables
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2024-23504
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-5.3||MEDIUM
EPSS-0.27% / 50.14%
||
7 Day CHG~0.00%
Published-14 Jun, 2024 | 05:37
Updated-01 Aug, 2024 | 23:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Ninja Tables plugin <= 5.0.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a through 5.0.5.

Action-Not Available
Vendor-WPManageNinja LLCwpmanageninja
Product-Ninja Tablesninja_tables
CWE ID-CWE-862
Missing Authorization
CVE-2024-23503
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.07% / 21.14%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 16:09
Updated-07 Aug, 2024 | 14:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Ninja Tables plugin <= 5.0.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a through 5.0.6.

Action-Not Available
Vendor-wpmanageninjaWPManageNinja LLC
Product-ninja_tablesNinja Tables
CWE ID-CWE-862
Missing Authorization
CVE-2024-35635
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-4.4||MEDIUM
EPSS-0.16% / 36.93%
||
7 Day CHG~0.00%
Published-03 Jun, 2024 | 10:03
Updated-03 Apr, 2025 | 00:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Ninja Tables plugin <= 5.0.9 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery (SSRF) vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a through 5.0.9.

Action-Not Available
Vendor-wpmanageninjaWPManageNinja LLC
Product-ninja_tablesNinja Tables
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-47137
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-5.9||MEDIUM
EPSS-0.06% / 18.09%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 10:04
Updated-09 Jan, 2025 | 15:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Ninja Tables Plugin <= 4.3.4 is vulnerable to Cross Site Scripting (XSS)

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPManageNinja LLC Ninja Tables plugin <= 4.3.4 versions.

Action-Not Available
Vendor-wpmanageninjaWPManageNinja LLC
Product-ninja_tablesNinja Tables
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')