Wp Statistics@* Security Vulnerabilities and Issues — Wp Statistics@* CVE List

Lucene search

VeronalabsWp Statistics*

4 matches found

CVE•added 2019/07/04 7:15 p.m.•148 views

CVE-2019-13275

An issue was discovered in the VeronaLabs wp-statistics plugin before 12.6.7 for WordPress. The v1/hit endpoint of the API, when the non-default "use cache plugin" setting is enabled, is vulnerable to unauthenticated blind SQL Injection.

9.8CVSS9.6AI score0.01256EPSS

CVE•added 2019/06/03 12:29 a.m.•72 views

CVE-2019-12566

The WP Statistics plugin through 12.6.5 for Wordpress has stored XSS in includes/class-wp-statistics-pages.php. This is related to an account with the Editor role creating a post with a title that contains JavaScript, to attack an admin user.

5.4CVSS5.2AI score0.00331EPSS

CVE•added 2019/04/23 6:29 p.m.•54 views

CVE-2019-10864

The WP Statistics plugin through 12.6.2 for WordPress has XSS, allowing a remote attacker to inject arbitrary web script or HTML via the Referer header of a GET request.

6.1CVSS6.2AI score0.00255EPSS

CVE•added 2019/08/14 2:15 p.m.•52 views

CVE-2017-18515

The wp-statistics plugin before 12.0.8 for WordPress has SQL injection.

9.8CVSS9.9AI score0.07859EPSS