Advanced Page Visit Counter@* Security Vulnerabilities and Issues — Advanced Page Visit Counter@* CVE List

Lucene search

Advanced Page Visit Counter ProjectAdvanced Page Visit Counter*

4 matches found

CVE•added 2022/05/02 4:15 p.m.•78 views

CVE-2021-25086

The Advanced Page Visit Counter WordPress plugin before 6.1.2 does not sanitise and escape some input before outputting it in an admin dashboard page, allowing unauthenticated attackers to perform Cross-Site Scripting attacks against admins viewing it

6.1CVSS6AI score0.21642EPSS

CVE•added 2022/04/25 4:16 p.m.•74 views

CVE-2021-24957

The Advanced Page Visit Counter WordPress plugin before 6.1.6 does not escape the artID parameter before using it in a SQL statement in the apvc_reset_count_art AJAX action, available to any authenticated user, leading to a SQL injection

8.8CVSS8.9AI score0.00954EPSS

CVE•added 2024/04/15 8:15 a.m.•44 views

CVE-2024-32098

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter.This issue affects Advanced Page Visit Counter: from n/a through 8.0.6.

7.6CVSS7.5AI score0.00272EPSS

CVE•added 2025/05/15 8:15 p.m.•38 views

CVE-2023-5529

The Advanced Page Visit Counter WordPress plugin before 8.0.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup...

4.8CVSS5.4AI score0.00098EPSS