Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:41 a.m.9 views

CVE-2022-0651

The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the currentpagetype parameter found in the /includes/class-wp-statistics-hits.php file which allows attackers without authentication to inject arbitrary SQL queries to obtain...

9.8CVSS7.6AI score0.3298EPSS
Exploits1References1
Circl
Circl
added 2022/02/24 10:15 p.m.4 views

CVE-2022-0651

creationtimestamp| type| source ---|---|--- 2022-02-24 22:15:04+00:00| seen| https://t.me/cibsecurity/38051...

9.8CVSS7.1AI score0.3298EPSS
Exploits1References1
CVE
CVE
added 2022/02/24 6:27 p.m.118 views

CVE-2022-0651

The CVE-2022-0651 issue affects the WordPress plugin WP Statistics (versions up to 13.1.5). A SQL injection flaw exists in the current_page_type parameter, due to insufficient escaping/parameterization in the file ~/includes/class-wp-statistics-hits.php, enabling unauthenticated attackers to inje...

9.8CVSS8AI score0.3298EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/02/24 6:27 p.m.10 views

CVE-2022-0651 WP Statistics <= 13.1.5 Unauthenticated Blind SQL Injection via current_page_type

The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the currentpagetype parameter found in the /includes/class-wp-statistics-hits.php file which allows attackers without authentication to inject arbitrary SQL queries to obtain...

9.8CVSS9.8AI score0.3298EPSS
Exploits1References3
Rows per page
Query Builder