Primary

Context

Data Tables Generator by Supsystic WordPress Plugin Arbitrary File Deletion Vulnerability

Vulnerability

Patched

A vulnerability allowing arbitrary file deletion has been identified in the Data Tables Generator by Supsystic plugin for WordPress, affecting all versions through 1.10.45. This issue arises from inadequate file path validation in the cleanCache() function, which allows authenticated attackers with Administrator-level access to delete arbitrary files on the server. Exploiting this vulnerability could lead to remote code execution, particularly if a critical file like wp-config.php is deleted.

Impact

Successful exploitation allows authenticated users with Administrator privileges to delete arbitrary files on the server, potentially leading to remote code execution.

Remediation

Users are advised to update the Data Tables Generator by Supsystic plugin to version 1.10.46 or a newer patched version.

Added: Nov 13, 2025, 4:21 AM

Updated: Nov 13, 2025, 4:21 AM

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

7.5

exploitability

5.6

remediation

7.7

relevance

1.1

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

7.5

exploitability

5.6

remediation

7.7

relevance

1.1

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Data Tables Generator by Supsystic WordPress Plugin Arbitrary File Deletion Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Supsystic Data Tables Generator

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating