Slimstat Analytics < 4.9.3.3 Subscriber - SQL Injection

The Slimstat Analytics WordPress plugin before 4.9.3.3 does not prevent subscribers from rendering shortcodes that concatenates attributes directly into an SQL query. id: CVE-2023-0630 info: name: Slimstat Analytics 4.9.3.3 Subscriber - SQL Injection author: DhiyaneshDK severity: high description...

EUVD-2015-1345

Malware in sbrugna...

EUVD-2019-6183

Malware in sbrugna...

EUVD-2015-9115

Malware in sbrugna...

CVE-2019-15112

The wp-slimstat plugin before 4.8.1 for WordPress has XSS...

CVE-2015-1204

Cross-site scripting XSS vulnerability in the Save Filters functionality in the WP Slimstat plugin before 3.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the fsresource parameter in the wp-slim-view-2 page to wp-admin/admin.php...

CVE-2023-33994

Missing Authorization vulnerability in VeronaLabs Slimstat Analytics wp-slimstat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slimstat Analytics: from n/a through = 5.0.5.1...

WordPress wp-slimstat plugin cross-site scripting vulnerability

WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. wp-slimstat is a website monitoring plugin used in it. A cross-site scripting vulnerability exists in the WordPress...

CVE-2019-15112

The wp-slimstat plugin before 4.8.1 for WordPress has XSS...

CVE-2019-15112

The wp-slimstat plugin before 4.8.1 for WordPress has XSS...

Cross site scripting

The wp-slimstat plugin before 4.8.1 for WordPress has XSS...

CVE-2019-15112

The wp-slimstat plugin before 4.8.1 for WordPress has XSS...

CVE-2019-15112

The CVE-2019-15112 entry describes a cross-site scripting (XSS) vulnerability in the WordPress wp-slimstat plugin before version 4.8.1. Public sources (e.g., PT-2019-13992, NVD, CNVD, RH) confirm the flaw and consistently recommend updating to 4.8.1 or later. The issue is attributed to inadequate...

PT-2019-13992 · WordPress · Wp Slimstat

Name of the Vulnerable Software and Affected Versions: wp-slimstat plugin versions prior to 4.8.1 Description: The issue is related to a cross-site scripting XSS problem. Recommendations: For versions prior to 4.8.1, update to version 4.8.1 or later to resolve the issue...

CVE-2015-9273

The wp-slimstat aka Slimstat Analytics plugin before 4.1.6.1 for WordPress has XSS via an HTTP Referer header, or via a field associated with JavaScript-based Referer tracking...

CVE-2015-9273

CVE-2015-9273 affects the WordPress plugin wp-slimstat (Slimstat Analytics) , with an XSS vulnerability exploitable via an HTTP Referer header or a related JavaScript Referer tracking field. Affected versions are prior to 4.1.6.1 . The issue is documented across multiple sources confirming a stor...

Popular Wordpress Analytics plugins-WP-Slimstat weak key and the sql injection vulnerability analysis-vulnerability warning-the black bar safety net

! /Article/UploadPic/2015-2/2 0 1 5 2 2 6 1 1 4 2 5 0 6 4 5. png Web Security enterprise Sucuri Tuesday in a blog post said that they in the latest version of Wordpress Analytics plugins-WP-Slimstat found in asql injectionvulnerabilities, exploit the vulnerability, an attacker can perform sql bli...

WordPress Sites Vulnerable to Plugin-Related SQL Attacks

More than one million WordPress sites may be vulnerable to a critical plugin issue that could open sites up to SQL injection attacks and in turn, total takeover. The problem stems from a weak key vulnerability in WP-Slimstat, a web analytics plugin for the content management system that’s been...

CVE-2015-1204

Cross-site scripting XSS vulnerability in the Save Filters functionality in the WP Slimstat plugin before 3.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the fsresource parameter in the wp-slim-view-2 page to wp-admin/admin.php...

Cross site scripting

Cross-site scripting XSS vulnerability in the Save Filters functionality in the WP Slimstat plugin before 3.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the fsresource parameter in the wp-slim-view-2 page to wp-admin/admin.php...