Lucene search
K

104 matches found

RedhatCVE
RedhatCVE
added 2026/01/20 5:21 p.m.5 views

CVE-2026-22850

Koko Analytics is an open-source analytics plugin for WordPress. Versions prior to 2.1.3 are vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import. Unauthenticated visitors can submit arbitrary path pa and referrer r values to the public...

8.3CVSS6.3AI score0.00411EPSS
Exploits1References1
Patchstack
Patchstack
added 2026/01/20 6:28 a.m.8 views

WordPress Koko Analytics plugin <= 2.1.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Hector Ruiz Ruiz in WordPress Plugin Koko Analytics versions = 2.1.2...

8.3CVSS5.8AI score0.00411EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2026/01/19 5:15 p.m.13 views

CVE-2026-22850

Koko Analytics is an open-source analytics plugin for WordPress. Versions prior to 2.1.3 are vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import. Unauthenticated visitors can submit arbitrary path pa and referrer r values to the public...

8.3CVSS0.00411EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/01/19 4:51 p.m.5 views

CVE-2026-22850 Koko Analytics vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import

Koko Analytics is an open-source analytics plugin for WordPress. Versions prior to 2.1.3 are vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import. Unauthenticated visitors can submit arbitrary path pa and referrer r values to the public...

8.3CVSS6.3AI score0.00411EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/01/19 4:51 p.m.3 views

CVE-2026-22850

Koko Analytics is an open-source analytics plugin for WordPress. Versions prior to 2.1.3 are vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import. Unauthenticated visitors can submit arbitrary path pa and referrer r values to the public...

8.3CVSS6.1AI score0.00411EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/01/19 4:51 p.m.20 views

CVE-2026-22850 Koko Analytics vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import

Koko Analytics is an open-source analytics plugin for WordPress. Versions prior to 2.1.3 are vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import. Unauthenticated visitors can submit arbitrary path pa and referrer r values to the public...

8.3CVSS0.00411EPSS
Exploits1References3
OSV
OSV
added 2026/01/19 4:51 p.m.3 views

CVE-2026-22850 Koko Analytics vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import

Koko Analytics is an open-source analytics plugin for WordPress. Versions prior to 2.1.3 are vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import. Unauthenticated visitors can submit arbitrary path pa and referrer r values to the public...

8.3CVSS6.3AI score0.00411EPSS
Exploits1References5
CVE
CVE
added 2026/01/19 4:51 p.m.28 views

CVE-2026-22850

Koko Analytics for WordPress (

8.3CVSS6.3AI score0.00411EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/01/19 4:51 p.m.6 views

EUVD-2026-3319

Koko Analytics is an open-source analytics plugin for WordPress. Versions prior to 2.1.3 are vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import. Unauthenticated visitors can submit arbitrary path pa and referrer r values to the public...

8.3CVSS6.3AI score0.00411EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/01/19 12:0 a.m.6 views

WordPress plugin Koko Analytics has a SQL injection vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

8.3CVSS6AI score0.00411EPSS
Exploits1References4
EUVD
EUVD
added 2025/11/12 7:18 p.m.1 views

EUVD-2025-140712

Malicious code in koko-poke24 npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.0 views

EUVD-2025-140716

Malicious code in koko-poke20 npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 7:18 p.m.5 views

Malicious code in koko-poke16 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91bef030ad27df3369de229a3d84232471cefcbda3d480f6ff9e99d41765f7de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 7:18 p.m.5 views

Malicious code in koko-poke1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 052504e6dbb255bed00da650bb14612ca713af07982cf6c7c3e25db6a3a74976 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.2 views

EUVD-2025-140717

Malicious code in koko-poke2 npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.3 views

EUVD-2025-140720

Malicious code in koko-poke17 npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.1 views

EUVD-2025-140713

Malicious code in koko-poke23 npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 7:18 p.m.4 views

Malicious code in koko-poke2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2795bfc9875219076951e65fc5546f230ea42cd4aa10669dd1faf09240e67dbc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 7:18 p.m.3 views

Malicious code in koko-poke18 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03a951b7d6c9342f4e7e291705fd7506aeb5724fee4322ac933b48e2129ad8d5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.2 views

EUVD-2025-140726

Malicious code in koko-poke11 npm...

6.6AI score
Exploits0
Rows per page
Query Builder