CVE-2025-2940 - Vulnerability Details

- Ninja Tables – Easy Data Table Builder <= 5.0.18 - Unauthenticated Server-Side Request Forgery

Description

The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.18 via the args[url] parameter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

Published: 2025-06-27

Score: 7.2 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The Ninja Tables – Easy Data Table Builder plugin contains a Server‑Side Request Forgery flaw that allows an unauthenticated attacker to supply an arbitrary URL through the args[url] parameter. This weakness, classified as CWE‑918, enables a malicious actor to instruct the WordPress installation to perform HTTP requests on its behalf, potentially accessing internal network services or extracting sensitive data. The impact is a compromised confidentiality and integrity of internal resources and services that are reachable from the web server.

Affected Systems

WordPress sites that have installed Ninja Tables version 5.0.18 or earlier are affected. The vulnerability resides in the core framework used to send HTTP requests, so any installation of the plugin on those versions is vulnerable regardless of theme or other plugins.

Risk and Exploitability

The CVSS score of 7.2 reflects a high severity, while an EPSS score of less than 1% indicates a low likelihood of widespread exploitation at the moment. The vulnerability is not listed in the CISA KEV catalog. An attacker would need to craft a request that targets the plugin’s args[url] parameter, which can be done from any unauthenticated source that can reach the site’s front‑end. Once triggered, the attacker can access internal network resources and perform read or write operations against those services.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

techjewel

Ninja Tables – Easy Data Table Builder

unaffected

Version	Status	Constraints
`0`	affected	≤ 5.0.18

Configuration 1 [-]

cpe:2.3:a:wpmanageninja:ninja_tables:*:*:*:*:*:wordpress:*:*

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the latest Ninja Tables plugin version 5.0.19 or later to remove the SSRF code path
Configure the web server or application firewall to restrict outbound HTTP traffic from WordPress to only trusted external domains
Verify that internal services are not accessible from the web application by testing connections from the WordPress instance

Generated by OpenCVE AI on April 22, 2026 at 17:11 UTC.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2025-19379	The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.18 via the args[url] parameter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00528.

Exploitation none

Automatable yes

Technical Impact partial

References

Link	Providers
https://plugins.trac.wordpress.org/browser/ninja-tables/tags/5.0.18/vendor/wpfluent/framework/src/WPFluent/Http/Client.php#L268
https://plugins.trac.wordpress.org/browser/ninja-tables/tags/5.0.19/vendor/wpfluent/framework/src/WPFluent/Http/Client.php
https://plugins.trac.wordpress.org/browser/ninja-tables/trunk/vendor/wpfluent/framework/src/WPFluent/Http/Client.php#L268
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3269692%40ninja-tables&new=3269692%40ninja-tables&sfp_email=&sfph_mail=
https://www.wordfence.com/threat-intel/vulnerabilities/id/02480559-be5c-4d23-9e62-bb76fafb4f42?source=cve

History

Mon, 07 Jul 2025 16:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Wpmanageninja Wpmanageninja ninja Tables
CPEs		cpe:2.3:a:wpmanageninja:ninja_tables::::::wordpress::*
Vendors & Products		Wpmanageninja Wpmanageninja ninja Tables

Fri, 27 Jun 2025 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 27 Jun 2025 08:45:00 +0000

Type	Values Removed	Values Added
Description		The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.18 via the args[url] parameter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Title		Ninja Tables – Easy Data Table Builder <= 5.0.18 - Unauthenticated Server-Side Request Forgery
Weaknesses		CWE-918
References		https://plugins.trac.wordpress.org/browser/ninja-tables/tags/5.0.18/vendor/wpfluent/framework/src/WPFluent/Http/Client.php#L268 https://plugins.trac.wordpress.org/browser/ninja-tables/tags/5.0.19/vendor/wpfluent/framework/src/WPFluent/Http/Client.php https://plugins.trac.wordpress.org/browser/ninja-tables/trunk/vendor/wpfluent/framework/src/WPFluent/Http/Client.php#L268 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3269692%40ninja-tables&new=3269692%40ninja-tables&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/02480559-be5c-4d23-9e62-bb76fafb4f42?source=cve
Metrics		cvssV3_1 `{'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N'}`

Subscriptions

Wpmanageninja Ninja Tables

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2025-06-27T08:23:57.327Z

Updated: 2026-04-08T16:32:40.188Z

Reserved: 2025-03-28T17:41:37.931Z

Link: CVE-2025-2940

Vulnrichment

Updated: 2025-06-27T13:34:46.439Z

NVD

Status : Analyzed

Published: 2025-06-27T09:15:25.250

Modified: 2025-07-07T15:35:41.327

Link: CVE-2025-2940

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T17:15:22Z

Weaknesses

CWE-918

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object