4 matches found
CVE-2022-0651
The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the currentpagetype parameter found in the /includes/class-wp-statistics-hits.php file which allows attackers without authentication to inject arbitrary SQL queries to obtain...
CVE-2022-0651
creationtimestamp| type| source ---|---|--- 2022-02-24 22:15:04+00:00| seen| https://t.me/cibsecurity/38051...
CVE-2022-0651
The CVE-2022-0651 issue affects the WordPress plugin WP Statistics (versions up to 13.1.5). A SQL injection flaw exists in the current_page_type parameter, due to insufficient escaping/parameterization in the file ~/includes/class-wp-statistics-hits.php, enabling unauthenticated attackers to inje...
CVE-2022-0651 WP Statistics <= 13.1.5 Unauthenticated Blind SQL Injection via current_page_type
The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the currentpagetype parameter found in the /includes/class-wp-statistics-hits.php file which allows attackers without authentication to inject arbitrary SQL queries to obtain...