Lucene search
K

57 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-49395

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.0055EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-55172

Malicious code in bioql PyPI...

6.5CVSS6.7AI score0.00368EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-32423

Malicious code in bioql PyPI...

8.8CVSS9.2AI score0.00727EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-29920

Malicious code in bioql PyPI...

7.6CVSS6.4AI score0.00515EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:9 a.m.7 views

CVE-2023-50371

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress allows Stored XSS.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for...

6.5CVSS6.8AI score0.00368EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:50 a.m.9 views

CVE-2023-28788

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress: from n/a...

8.8CVSS8.9AI score0.00727EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:25 a.m.7 views

CVE-2023-45074

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress allows SQL Injection.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for...

9.8CVSS8.9AI score0.0055EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:24 p.m.16 views

CVE-2021-24957

The Advanced Page Visit Counter WordPress plugin before 6.1.6 does not escape the artID parameter before using it in a SQL statement in the apvcresetcountart AJAX action, available to any authenticated user, leading to a SQL injection...

8.8CVSS7AI score0.01341EPSS
Exploits2References1
Cvelist
Cvelist
added 2025/05/15 8:8 p.m.12 views

CVE-2023-5529 Advanced Page Visit Counter <= 8.0.6 - Admin+ Stored XSS

The Advanced Page Visit Counter WordPress plugin before 8.0.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

0.00318EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:2 a.m.6 views

CVE-2024-32098

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Page Visit Counter Advanced Page Visit Counter.This issue affects Advanced Page Visit Counter: from n/a through 8.0.6...

7.6CVSS5.6AI score0.00515EPSS
Exploits0References1
NVD
NVD
added 2024/04/15 8:15 a.m.20 views

CVE-2024-32098

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Page Visit Counter Advanced Page Visit Counter.This issue affects Advanced Page Visit Counter: from n/a through 8.0.6...

7.6CVSS7.9AI score0.00515EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/15 7:39 a.m.23 views

CVE-2024-32098 WordPress Advanced Page Visit Counter plugin <= 8.0.6 - Auth. SQL Injection (SQLi) vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Page Visit Counter Advanced Page Visit Counter.This issue affects Advanced Page Visit Counter: from n/a through 8.0.6...

7.6CVSS8.1AI score0.00515EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/15 7:39 a.m.14 views

CVE-2024-32098 WordPress Advanced Page Visit Counter plugin <= 8.0.6 - Auth. SQL Injection (SQLi) vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Page Visit Counter Advanced Page Visit Counter.This issue affects Advanced Page Visit Counter: from n/a through 8.0.6...

7.6CVSS5.6AI score0.00515EPSS
Exploits0References1
CVE
CVE
added 2024/04/15 7:39 a.m.59 views

CVE-2024-32098

CVE-2024-32098 describes an SQL Injection in the WordPress plugin Advanced Page Visit Counter (affected versions: up to 8.0.6). The root cause is improper neutralization of SQL elements in the plugin, enabling an attacker with Administrator+ privileges (per the document) to influence SQL queries....

7.6CVSS5.6AI score0.00515EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/15 12:0 a.m.6 views

PT-2024-24403 · Unknown · Advanced Page Visit Counter

Name of the Vulnerable Software and Affected Versions: Advanced Page Visit Counter versions n/a through 8.0.6 Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as a SQL Injection vulnerability. This vulnerability affects the...

7.6CVSS7.9AI score0.00515EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/04/11 10:19 a.m.4 views

WordPress Advanced Page Visit Counter plugin <= 8.0.6 - Auth. SQL Injection (SQLi) vulnerability

Auth. SQL Injection SQLi vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin Advanced Page Visit Counter versions = 8.0.6...

7.6CVSS7.8AI score0.00515EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/11 12:0 a.m.12 views

WordPress Advanced Page Visit Counter Plugin <= 8.0.6 is vulnerable to SQL Injection

Software Advanced Page Visit Counter Type Plugin Vulnerable versions = 8.0.6 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-32098 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 091c37cd4699 Credits Le Ngoc Anh Required privilege...

7.6CVSS6.8AI score0.00515EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/03/16 12:0 a.m.4 views

PT-2024-14816 · WordPress +1 · Advanced Page Visit Counter

Name of the Vulnerable Software and Affected Versions: The Advanced Page Visit Counter WordPress plugin versions prior to 8.0.6 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This is possible even when the unfiltered html...

4.8CVSS4.6AI score0.00318EPSS
Exploits2References5
Exploit DB
Exploit DB
added 2024/02/09 12:0 a.m.406 views

Advanced Page Visit Counter 1.0 - Admin+ Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: Advanced Page Visit Counter 1.0 - Admin+ Stored Cross-Site Scripting XSS Authenticated Date: 11.10.2023 Exploit Author: Furkan ÖZER Software Link: https://wordpress.org/plugins/advanced-page-visit-counter/ Version: 8.0.5 Tested on: Kali-Linux,Windows10,Windows 11 CVE: N/A...

7.4AI score
Exploits0
wpexploit
wpexploit
added 2024/01/23 12:0 a.m.155 views

Advanced Page Visit Counter <= 8.0.6 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup 1. Visit the "Settings" interface...

5.7AI score0.00318EPSS
Exploits2
Rows per page
Query Builder