CVE-2024-1894
- EPSS 0.17%
- Veröffentlicht 13.03.2024 16:15:28
- Zuletzt bearbeitet 10.04.2025 13:09:48
The Burst Statistics – Privacy-Friendly Analytics for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'burst_total_pageviews_count' custom meta field in all versions up to, and including, 1.5.6.1 due to insufficien...
CVE-2024-0405
- EPSS 0.17%
- Veröffentlicht 17.01.2024 05:15:08
- Zuletzt bearbeitet 02.06.2025 15:15:26
The Burst Statistics – Privacy-Friendly Analytics for WordPress plugin, version 1.5.3, is vulnerable to Post-Authenticated SQL Injection via multiple JSON parameters in the /wp-json/burst/v1/data/compare endpoint. Affected parameters include 'browser...
CVE-2023-5761
- EPSS 0.51%
- Veröffentlicht 07.12.2023 02:15:07
- Zuletzt bearbeitet 21.11.2024 08:42:26
The Burst Statistics – Privacy-Friendly Analytics for WordPress plugin for WordPress is vulnerable to SQL Injection via the 'url' parameter in versions 1.4.0 to 1.4.6.1 (free) and versions 1.4.0 to 1.5.0 (pro) due to insufficient escaping on the user...