Lucene search
Wp Visitor Statistics (Real Time Traffic) Security Vulnerabilities
cve
The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 5.5 does not have authorisation and CSRF checks in the updateIpAddress AJAX action, allowing any authenticated user to call it, or make a logged in user do it via a CSRF attack and add an arbitrary IP address to exclude. Furtherm...
5.4CVSS
5.3AI Score
0.001EPSS
2022-02-28 09:15 AM
61