Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/03/14 3:46 p.m.13 views

CVE-2025-28856

Cross-Site Request Forgery CSRF vulnerability in dangrossman W3Counter Free Real-Time Web Stats blog-stats-by-w3counter allows Cross Site Request Forgery.This issue affects W3Counter Free Real-Time Web Stats: from n/a through = 4.1...

8.8CVSS7.2AI score0.0018EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/11 9:39 p.m.6 views

WordPress W3Counter Free Real-Time Web Stats plugin <= 4.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Thi Huyen Trang - Skalucy in WordPress Plugin W3Counter Free Real-Time Web Stats versions = 4.1...

8.8CVSS9.1AI score0.0018EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/03/11 9:15 p.m.26 views

CVE-2025-28856

Cross-Site Request Forgery CSRF vulnerability in dangrossman W3Counter Free Real-Time Web Stats blog-stats-by-w3counter allows Cross Site Request Forgery.This issue affects W3Counter Free Real-Time Web Stats: from n/a through = 4.1...

8.8CVSS0.0018EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/11 9:0 p.m.21 views

CVE-2025-28856 WordPress W3Counter Free Real-Time Web Stats plugin <= 4.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in dangrossman W3Counter Free Real-Time Web Stats blog-stats-by-w3counter allows Cross Site Request Forgery.This issue affects W3Counter Free Real-Time Web Stats: from n/a through = 4.1...

4.3CVSS0.0018EPSS
Exploits0References1
CVE
CVE
added 2025/03/11 9:0 p.m.54 views

CVE-2025-28856

CVE-2025-28856 describes a cross-site request forgery (CSRF) in the WordPress plugin W3Counter Free Real-Time Web Stats (affected versions:

8.8CVSS7.2AI score0.0018EPSS
Exploits0References1Affected Software1
wpexploit
wpexploit
added 2022/09/27 12:0 a.m.611 views

3dady Real Time Web Stats <= 1.0 - Stored Cross-Site Scripting via CSRF

Description The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. Furthermore, due to the lack of escaping, it could also lead to Stored Cross-Site Scripting issue Make a logged in admin open a...

6.4AI score
Exploits0References1
Exploit DB
Exploit DB
added 2022/09/23 12:0 a.m.107 views

Wordpress Plugin 3dady real-time web stats 1.0 - Stored Cross Site Scripting (XSS)

Exploit Title: Wordpress Plugin 3dady real-time web stats 1.0 - Stored Cross Site Scripting XSS Google Dork: inurl:/wp-content/plugins/3dady-real-time-web-stats/ Date: 2022-08-24 Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: https://profiles.wordpress.org/3dady/ Software Link:...

7.4AI score
Exploits0
Rows per page
Query Builder