CVE Catalog
CVE-2026-57672
HighCVSS 7.1Summary
The wpDataTables plugin version 6.5.1.1 and earlier contains an unauthenticated Cross Site Scripting (XSS) vulnerability. An attacker can inject malicious script without requiring authentication.
Risk Assessment
The risk involves potential execution of arbitrary JavaScript in users' browsers, which can lead to session theft, redirects to malicious sites, or theft of sensitive data.
Recommendation
Immediately update the wpDataTables plugin to a version newer than 6.5.1.1. Also consider deploying Web Application Firewalls (WAF) that block common XSS patterns.
Original NVD description (English source)
Unauthenticated Cross Site Scripting (XSS) in wpDataTables <= 6.5.1.1 versions.

