Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:46 a.m.8 views

CVE-2022-0410

The WP Visitor Statistics Real Time Traffic WordPress plugin before 5.6 does not sanitise and escape the id parameter before using it in a SQL statement via the refUrlDetails AJAX action, available to any authenticated user, leading to a SQL injection...

8.8CVSS6.8AI score0.01297EPSS
Exploits2References1
NVD
NVD
added 2022/03/07 9:15 a.m.22 views

CVE-2022-0410

The WP Visitor Statistics Real Time Traffic WordPress plugin before 5.6 does not sanitise and escape the id parameter before using it in a SQL statement via the refUrlDetails AJAX action, available to any authenticated user, leading to a SQL injection...

8.8CVSS0.01297EPSS
Exploits2References1
CVE
CVE
added 2022/03/07 8:16 a.m.100 views

CVE-2022-0410

CVE-2022-0410 affects the WP Visitor Statistics (Real Time Traffic) WordPress plugin prior to 5.6. The refUrlDetails AJAX action uses an unsanitized id parameter in a SQL statement, and this action is accessible to any authenticated user, leading to a SQL injection. Impact stated across connected...

8.8CVSS8.9AI score0.01297EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/03/07 8:16 a.m.22 views

CVE-2022-0410 WP Visitor Statistics (Real Time Traffic) < 5.6 - Subscriber+ SQL Injection

The WP Visitor Statistics Real Time Traffic WordPress plugin before 5.6 does not sanitise and escape the id parameter before using it in a SQL statement via the refUrlDetails AJAX action, available to any authenticated user, leading to a SQL injection...

9.1AI score0.01297EPSS
Exploits2References1
Rows per page
Query Builder