China National Vulnerability Database: CNVD-2022-19792
History: Mar 09, 2022 - 12:00 a.m.

WordPress The WP Visitor Statistics Plugin SQL Injection Vulnerability

2022-03-09 00:00:00
China National Vulnerability Database
www.cnvd.org.cn
wordpress
sql injection
php
mysql
vulnerability
ajax
database security

EPSS: 0.001 (percentile: 37.7%)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. A SQL injection vulnerability exists in versions of the WP Visitor Statistics plugin for WordPress prior to 5.6. It stems from the fact that the refUrlDetails AJAX action does not sanitize and escape the id parameter. An attacker could use this vulnerability to execute illegitimate SQL commands and steal sensitive data from the database.
