Newstatpress@* Security Vulnerabilities and Issues — Newstatpress@* CVE List

Lucene search

Newstatpress ProjectNewstatpress*

9 matches found

CVE•added 2022/02/14 12:15 p.m.•97 views

CVE-2022-0206

The NewStatPress WordPress plugin before 1.3.6 does not properly escape the whatX parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues

6.1CVSS6.1AI score0.04219EPSS

CVE•added 2015/05/27 6:59 p.m.•57 views

CVE-2015-4062

SQL injection vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the where1 parameter in the nsp_search page to wp-admin/admin.php.

6.5CVSS8.1AI score0.25156EPSS

CVE•added 2019/08/14 3:15 p.m.•51 views

CVE-2015-9312

The newstatpress plugin before 1.0.5 for WordPress has XSS related to an IMG element.

6.1CVSS6.2AI score0.04178EPSS

CVE•added 2015/05/27 6:59 p.m.•46 views

CVE-2015-4063

Cross-site scripting (XSS) vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the where1 parameter in the nsp_search page to wp-admin/admin.php.

3.5CVSS5.4AI score0.03077EPSS

CVE•added 2019/08/14 3:15 p.m.•45 views

CVE-2015-9313

The newstatpress plugin before 1.0.5 for WordPress has SQL injection related to an IMG element.

9.8CVSS9.8AI score0.00546EPSS

CVE•added 2019/08/14 3:15 p.m.•44 views

CVE-2015-9315

The newstatpress plugin before 1.0.1 for WordPress has SQL injection.

9.8CVSS9.9AI score0.00513EPSS

CVE•added 2019/08/14 3:15 p.m.•43 views

CVE-2015-9311

The newstatpress plugin before 1.0.6 for WordPress has reflected XSS.