Lucene search
K

4 matches found

NVD
NVD
added 2024/04/15 8:15 a.m.20 views

CVE-2024-32098

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Page Visit Counter Advanced Page Visit Counter.This issue affects Advanced Page Visit Counter: from n/a through 8.0.6...

7.6CVSS7.9AI score0.00515EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/15 7:39 a.m.28 views

CVE-2024-32098 WordPress Advanced Page Visit Counter plugin <= 8.0.6 - Auth. SQL Injection (SQLi) vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Page Visit Counter Advanced Page Visit Counter.This issue affects Advanced Page Visit Counter: from n/a through 8.0.6...

7.6CVSS8.1AI score0.00515EPSS
Exploits0References1
CVE
CVE
added 2024/04/15 7:39 a.m.62 views

CVE-2024-32098

CVE-2024-32098 describes an SQL Injection in the WordPress plugin Advanced Page Visit Counter (affected versions: up to 8.0.6). The root cause is improper neutralization of SQL elements in the plugin, enabling an attacker with Administrator+ privileges (per the document) to influence SQL queries....

7.6CVSS5.6AI score0.00515EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/04/11 12:0 a.m.12 views

WordPress Advanced Page Visit Counter Plugin <= 8.0.6 is vulnerable to SQL Injection

Software Advanced Page Visit Counter Type Plugin Vulnerable versions = 8.0.6 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-32098 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 091c37cd4699 Credits Le Ngoc Anh Required privilege...

7.6CVSS6.8AI score0.00515EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder