CVE-2020-12076: WordPress plugin vulnerability

Share this with people that should know this:

The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks CSRF nonce checks for AJAX actions. One consequence of this is stored XSS.

References

  • www.wordfence.com/blog/2020/03/vulnerabilities-patched-in-the-data-tables-generator-by-supsystic-plugin/
  • Share this with people that should know this: