Browse all 5 CVE security advisories affecting TMS-Plugins. AI-powered Chinese analysis, POCs, and references for each vulnerability.
TMS-Plugins develops WordPress extensions for transportation and logistics management, primarily serving e-commerce platforms with shipping and delivery tracking functionality. Historically, the plugins have been vulnerable to multiple remote code execution (RCE) and cross-site scripting (XSS) flaws, often stemming from insufficient input validation and improper privilege checks. The five recorded CVEs include critical authentication bypass issues and stored XSS vulnerabilities that could allow attackers to compromise administrative accounts or inject malicious scripts. While no major public incidents have been documented, the consistent pattern of high-impact vulnerabilities suggests these plugins require careful configuration and regular updates to mitigate security risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-23876 | WordPress wpDataTables Plugin <= 2.1.49 is vulnerable to Cross Site Scripting (XSS) — wpDataTablesCWE-79 | 6.5 | Medium | 2023-05-03 |
| CVE-2022-29432 | WordPress wpDataTables plugin <= 2.1.27 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities — wpDataTables – Tables & Table Charts (WordPress plugin)CWE-79 | 3.4 | Low | 2022-05-20 |
| CVE-2022-25618 | WordPress wpDataTables plugin <= 2.1.27 - Stored Cross-Site Scripting (XSS) vulnerability — wpDataTables – Tables & Table Charts (WordPress plugin)CWE-79 | 3.4 | Low | 2022-04-04 |
| CVE-2019-6011 | WordPress wpDataTables Lite插件跨站脚本漏洞 — wpDataTables Lite | 6.1 | - | 2019-12-26 |
| CVE-2019-6012 | WordPress wpDataTables Lite SQL注入漏洞 — wpDataTables Lite | 8.8 | - | 2019-12-26 |
This page lists every published CVE security advisory associated with TMS-Plugins. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.