CVE-2022-0410

The WP Visitor Statistics Real Time Traffic WordPress plugin before 5.6 does not sanitise and escape the id parameter before using it in a SQL statement via the refUrlDetails AJAX action, available to any authenticated user, leading to a SQL injection...

CVE-2022-0410

The WP Visitor Statistics Real Time Traffic WordPress plugin before 5.6 does not sanitise and escape the id parameter before using it in a SQL statement via the refUrlDetails AJAX action, available to any authenticated user, leading to a SQL injection...

WordPress plugin The WP Visitor Statistics SQL注入漏洞

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress The WP Visitor Statistics Plugin versions prior to 5.6, whic...

PT-2022-13162 · WordPress · Wp Visitor Statistics

Name of the Vulnerable Software and Affected Versions: WP Visitor Statistics Real Time Traffic versions prior to 5.6 Description: The issue concerns a SQL injection problem. It occurs because the id parameter is not properly sanitised and escaped before being used in a SQL statement via the...