CVE Catalog

CVE-2026-57672

HighCVSS 7.1
Published: Updated: Translated: NVD NIST

Summary

The wpDataTables plugin version 6.5.1.1 and earlier contains an unauthenticated Cross Site Scripting (XSS) vulnerability. An attacker can inject malicious script without requiring authentication.

Risk Assessment

The risk involves potential execution of arbitrary JavaScript in users' browsers, which can lead to session theft, redirects to malicious sites, or theft of sensitive data.

Recommendation

Immediately update the wpDataTables plugin to a version newer than 6.5.1.1. Also consider deploying Web Application Firewalls (WAF) that block common XSS patterns.

Original NVD description (English source)

Unauthenticated Cross Site Scripting (XSS) in wpDataTables <= 6.5.1.1 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS