CVE-2021-24198

Name of the Vulnerable Software and Affected Versions: wpDataTables – Tables & Table Charts premium WordPress plugin versions prior to 3.4.2

Description: The issue allows a low privilege authenticated user to tamper with parameters and delete data of other users present in the same table through id key and id val parameters. This can lead to an attacker deleting the data of all users in the same table.

Recommendations: For versions prior to 3.4.2, update to version 3.4.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the table publication page to prevent low privilege authenticated users from tampering with the parameters. Avoid using the id key and id val parameters in the affected table until the issue is resolved.