CVE-2022-0434

The Page View Count WordPress plugin before 2.4.15 does not sanitise and escape the postids parameter before using it in a SQL statement via a REST endpoint, available to both unauthenticated and authenticated users. As a result, unauthenticated attackers could perform SQL injection attacks...

CVE-2025-63034

Missing Authorization vulnerability in Steve Truman Page View Count page-views-count allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Page View Count: from n/a through = 2.9.0...

EUVD-2025-201988

Missing Authorization vulnerability in Steve Truman Page View Count page-views-count allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Page View Count: from n/a through = 2.8.7...

CVE-2025-63034

Missing Authorization vulnerability in Steve Truman Page View Count page-views-count allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Page View Count: from n/a through = 2.9.0...

CVE-2025-63034

CVE-2025-63034 is a Missing Authorization vulnerability in the WordPress plugin Page View Count (page-views-count) affecting versions up to and including 2.8.7. The linked sources describe a Settings Change vulnerability, implying that an unauthorized actor could modify plugin settings. The Wordf...

CVE-2025-63034 WordPress Page View Count plugin <= 2.9.0 - Settings Change vulnerability

Missing Authorization vulnerability in Steve Truman Page View Count page-views-count allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Page View Count: from n/a through = 2.9.0...

CVE-2025-63034 WordPress Page View Count plugin <= 2.9.0 - Settings Change vulnerability

Missing Authorization vulnerability in Steve Truman Page View Count page-views-count allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Page View Count: from n/a through = 2.9.0...

WordPress plugin Page View Count 安全漏洞

...

PT-2025-50041

Missing Authorization vulnerability in Steve Truman Page View Count page-views-count allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Page View Count: from n/a through = 2.8.7...

WordPress Page View Count plugin <= 2.8.7 - Settings Change vulnerability

Settings Change vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Page View Count versions = 2.8.7...

EUVD-2012-1844

Malware in sbrugna...

EUVD-2018-1463

Malware in sbrugna...

EUVD-2022-43449

Malicious code in bioql PyPI...

CVE-2025-8293

The Intl DateTime Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘date’ parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

PT-2025-33538 · WordPress · Advanced Iframe

Name of the Vulnerable Software and Affected Versions: Advanced iFrame plugin for WordPress versions prior to 2025.7 Description: The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the additional parameter due to insufficient input sanitization and output...

Code-Projects Responsive Blog 代码注入漏洞

Code-Projects Responsive Blog is an open source responsive blog by Code-Projects. A code injection vulnerability exists in Code-Projects Responsive Blog version 1.0/1.12.4/3.3.4, which originates from a cross-site scripting error in file /responsive/resblog/blogadmin/admin/pageViewMembers.php...

VulnCheck KEV: CVE-2022-0434

The Page View Count WordPress plugin before 2.4.15 does not sanitise and escape the postids parameter before using it in a SQL statement via a REST endpoint, available to both unauthenticated and authenticated users. As a result, unauthenticated attackers could perform SQL injection attacks...

CVE-2023-30868

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Jon Christopher CMS Tree Page View plugin = 1.6.7 versions...

CVE-2023-0095

The Page View Count WordPress plugin before 2.6.1 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2025-2816

The Page View Count plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the yellowmessagedontshow function in versions 2.8.0 to 2.8.4. This makes it possible for authenticated attackers, with...