3 matches found
CVE-2017-10991
CVE-2017-10991 affects the WordPress WP Statistics plugin up to version 12.0.9. The vulnerability is an XSS in the rangestart and rangeend parameters on the wps_referrers_page. CVSS metrics in the provided documents indicate: confidentiality impact LOW, integrity impact PARTIAL, availability impa...
CVE-2017-2135
The WP Statistics WordPress plugin is affected by a reflected cross-site scripting vulnerability (CWE-79) reported for version 12.0.1 and earlier. Multiple connected advisories confirm XSS vectors that can execute script in a logged-in user’s browser, with exploit details not fully disclosed in a...
CVE-2017-2147
WP Statistics for WordPress is affected in versions 12.0.4 and earlier by a stored cross-site scripting vulnerability (CWE-79). An attacker can inject arbitrary script via unspecified vectors, impacting users’ browsers. Remediation: update the WP Statistics plugin to version 12.0.5 or later, as i...