CVE-2024-23504 MEDIUM

CVE-2024-23504: WordPress Ninja Tables plugin <= 5.0.5 - Broken Access Control vulnerability

Vendor Wpmanageninja Llc
Product Ninja Tables
Weakness CWE-862 · Missing authorization
Published June 14, 2024
Last update April 28, 2026
View on NVD All CVEs

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Missing Authorization vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a through 5.0.5.

Key dates

02Disclosure timeline

June 14, 2024 CVE published
April 28, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2026-58377 JeecgBoot 3.9.2 - Missing Authorization on OpenAPI Credential Management Endpoints Exposes Access/Secret Keys CVE-2025-47471 WordPress Envo Extra plugin <= 1.9.9 - Broken Access Control Vulnerability CVE-2025-9549 Facets - Moderately critical - Information Disclosure - SA-CONTRIB-2025-099 CVE-2024-0791 WOLF – WordPress Posts Bulk Editor and Manager Professional <= 1.0.8.1 - Missing Authorization CVE-2023-4282 EmbedPress <= 3.8.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Delete via admin_post_remove and remove_private_data