Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 7:30 p.m.11 views

CVE-2022-0513

The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the exclusionreason parameter found in the /includes/class-wp-statistics-exclusion.php file which allows attackers without authentication to inject arbitrary SQL queries to obtai...

9.8CVSS7.5AI score0.5346EPSS
Exploits3References1
Check Point Advisories
Check Point Advisories
added 2022/10/31 12:0 a.m.33 views

WordPress WP Statistics Plugin SQL Injection (CVE-2022-0513)

An SQL injection vulnerability exists in WordPress WP Statistics plugin. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...

4.3CVSS3.2AI score0.5346EPSS
Exploits3
Vulnrichment
Vulnrichment
added 2022/02/16 4:38 p.m.7 views

CVE-2022-0513 WP Statistics <= 13.1.4 Unauthenticated Blind SQL Injection via exclusion_reason

The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the exclusionreason parameter found in the /includes/class-wp-statistics-exclusion.php file which allows attackers without authentication to inject arbitrary SQL queries to obtai...

9.8CVSS9.8AI score0.5346EPSS
Exploits3References2
Wordfence Blog
Wordfence Blog
added 2022/02/10 1:53 p.m.32 views

Unauthenticated SQL Injection Vulnerability Patched in WordPress Statistics Plugin

On February 7, 2022, Security Researcher Cyku Hong from DEVCORE reported a vulnerability to us that they discovered in WP Statistics, a WordPress plugin installed on over 600,000 sites. This vulnerability made it possible for unauthenticated attackers to execute arbitrary SQL queries by appending...

4.3CVSS8.1AI score0.5346EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/02/10 12:0 a.m.328 views

WordPress VeronaLabs WP Statistics 13.1.4 SQL Injection

On February 7, 2022, Security Researcher Cyku Hong from DEVCORE reported a vulnerability to us that they discovered in WP Statistics, a WordPress plugin installed on over 600,000 sites. This vulnerability made it possible for unauthenticated attackers to execute arbitrary SQL queries by appending...

0.2AI score0.5346EPSS
Exploits3
Rows per page
Query Builder