4 matches found
CVE-2021-24829
The Visitor Traffic Real Time Statistics WordPress plugin before 3.9 does not validate and escape user input passed to the todaytrafficindex AJAX action available to any authenticated users before using it in a SQL statement, leading to an SQL injection issue...
CVE-2021-24829
The Visitor Traffic Real Time Statistics WordPress plugin before 3.9 does not validate and escape user input passed to the todaytrafficindex AJAX action available to any authenticated users before using it in a SQL statement, leading to an SQL injection issue...
CVE-2021-24829
The CVE-2021-24829 issue affects the WordPress plugin Visitor Traffic Real Time Statistics (vulnerable = 3.9). The root cause is lack of validation/escaping of user input passed to the today_traffic_index AJAX action before it is used in an SQL statement, leading to SQL injection. Impact is explo...
CVE-2021-24829 Visitor Traffic Real Time Statistics < 3.9 - Subscriber+ SQL Injection
The Visitor Traffic Real Time Statistics WordPress plugin before 3.9 does not validate and escape user input passed to the todaytrafficindex AJAX action available to any authenticated users before using it in a SQL statement, leading to an SQL injection issue...