Lucene search

K
hiveproHive ProHIVEPRO:5A9D95DB669A168C49EE86CE3BCBA6D5
HistoryMar 18, 2024 - 8:11 a.m.

Critical XSS Flaw Discovered in WP Statistics Impacting 600K Sites

2024-03-1808:11:17
Hive Pro
www.hivepro.com
15
cross-site scripting
wp statistics
vulnerability
cve-2024-2194
exploitation
data theft
site compromise
patched versions
threat advisory
hiveforce labs

AI Score

6

Confidence

High

EPSS

0

Percentile

9.0%

Summary: A critical Cross-Site Scripting (XSS) vulnerability (CVE-2024-2194) in WP Statistics plugin, allowing attackers to inject malicious code via the URL parameter. With over 600,000 installations, the flaw poses severe risks, enabling unauthorized script execution and potential data theft or site compromise. Update promptly to patched versions to prevent potential exploitation. Threat Level - Red | Vulnerability Report For a detailed threat advisory, download the pdf file here To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.

AI Score

6

Confidence

High

EPSS

0

Percentile

9.0%

Related for HIVEPRO:5A9D95DB669A168C49EE86CE3BCBA6D5