WordPress plugin WP Statistics 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress plugin WP Statistics has a cross-site scripting vulnerability that can be exploited by an attacker to inject arbitrary web...

CVE-2022-0513 WP Statistics <= 13.1.4 Unauthenticated Blind SQL Injection via exclusion_reason

The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the exclusionreason parameter found in the /includes/class-wp-statistics-exclusion.php file which allows attackers without authentication to inject arbitrary SQL queries to obtai...

WordPress SQL注入漏洞

WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.The WordPress WP Visitor Statistics plugin has a SQL injection vulnerability in versions prior to 4.8. The...

WordPress 插件SQL注入漏洞

WordPress Plugin is an open source application plugin for WordPress. WP Statistics suffers from a SQL injection vulnerability that can be exploited by attackers to obtain sensitive information about a database...

CloudBees Jenkins Cloud Statistics Plugin Improper Authorization Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . An improper authorization...

CVE-2021-21631

Jenkins Cloud Statistics Plugin 0.26 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission and knowledge of random activity IDs to view related provisioning exception error messages...

Sql injection

The wp-statistics plugin before 12.0.8 for WordPress has SQL injection...

CVE-2017-18515

The wp-statistics plugin before 12.0.8 for WordPress has SQL injection...

CVE-2019-13275

An issue was discovered in the VeronaLabs wp-statistics plugin before 12.6.7 for WordPress. The v1/hit endpoint of the API, when the non-default "use cache plugin" setting is enabled, is vulnerable to unauthenticated blind SQL Injection...

WP Statistics Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WP Statistics plugin is used in one of the site information statistics plugin. A cross-site scripting vulnerability exists in Wordpress...

CVE-2019-12566

The WP Statistics plugin through 12.6.5 for Wordpress has stored XSS in includes/class-wp-statistics-pages.php. This is related to an account with the Editor role creating a post with a title that contains JavaScript, to attack an admin user...

WordPress WP Statistics plugin cross-site scripting vulnerability (CNVD-2019-13247)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WP Statistics plugin is used in one of the site information statistics plugin. A cross-site scripting vulnerability exists in WordPress...

Unspecified Vulnerability in WordPress Feed Statistics Plugin

WordPress is the WordPress Software Foundation's set of blogging platform using PHP language development, the platform supports in PHP and MySQL server set up a personal blog site.Feed Statistics plugin is used in one of the tracking RSS statistics plugin. An unspecified vulnerability exists in t...

CVE-2018-17074

The Feed Statistics plugin before 4.0 for WordPress has an Open Redirect via the feed-stats-url parameter...

Open redirect

The Feed Statistics plugin before 4.0 for WordPress has an Open Redirect via the feed-stats-url parameter...

CVE-2018-17074

The Feed Statistics plugin before 4.0 for WordPress has an Open Redirect via the feed-stats-url parameter...

WordPress Feed-Statistics Plugin Open Redirect Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platforms developed using the PHP language, which supports the setting up of personal blog sites on servers with PHP and MySQL.Feed-Statistics is one of the editorial statistics through the Feed reader about the people who are readi...

CVE-2018-11532

An issue was discovered in the ChangUonDyU Advanced Statistics plugin 1.0.2 for MyBB. changstats.php has XSS, as demonstrated by a subject field...

MyBB ChangUonDyU 1.0.2 Cross Site Scripting

Exploit Title: MyBB ChangUonDyU Advanced Statistics Plugin v1.0.2 - Cross-Site Scripting Date: 5/25/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=1125 Version: 1.0.2 Tested on: Ubuntu 18.04 CVE: CVE-2018-11532 1...

WordPress WP Statistics plugin cross-site scripting vulnerability (CNVD-2018-04482)

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL server set up a personal blog site.WP Statistics is one of the website statistical analysis plugin. A cross-site scripting vulnerability exists in...