PT-2025-46777 · WordPress · Data-Tables-Generator-By-Supsystic
Naoya Takahashi
·
Published
2025-11-13
·
Updated
2025-11-13
·
CVE-2025-12089
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Data Tables Generator by Supsystic plugin for WordPress versions through 1.10.45
Description
The Data Tables Generator by Supsystic plugin for WordPress has a flaw that allows authenticated attackers with Administrator-level access or higher to delete arbitrary files on the server. This is due to inadequate file path validation within the
cleanCache() function. Deleting specific files, such as wp-config.php, could lead to remote code execution.Recommendations
Update the Data Tables Generator by Supsystic plugin for WordPress to a version later than 1.10.45.
Fix
RCE
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Data-Tables-Generator-By-Supsystic