Lucene search

K
wpvulndbWpvulndbWPVDB-ID:0EC129A5-5290-447E-A0FE-C8A470B99343
HistoryJan 31, 2023 - 12:00 a.m.

WP Statistics < 13.2.11 - Subscriber+ SQLi

2023-01-3100:00:00
wpscan.com
19
wp statistics
sql injection
vulnerability
software
subscriber role

EPSS

0.001

Percentile

37.6%

The plugin does not properly sanitise and escape some parameters before using them in SQL statements, leading to a SQL injection exploitable by users with a role as low as subscriber

EPSS

0.001

Percentile

37.6%

Related for WPVDB-ID:0EC129A5-5290-447E-A0FE-C8A470B99343