CVE-2024-1894
- EPSS 0.17%
- Veröffentlicht 13.03.2024 16:15:28
- Zuletzt bearbeitet 08.04.2026 19:20:54
The Burst Statistics – Privacy-Friendly Analytics for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'burst_total_pageviews_count' custom meta field in all versions up to, and including, 1.5.6.1 due to insufficien...
CVE-2024-0405
- EPSS 0.17%
- Veröffentlicht 17.01.2024 05:15:08
- Zuletzt bearbeitet 08.04.2026 19:19:10
The Burst Statistics – Privacy-Friendly Analytics for WordPress plugin, version 1.5.3, is vulnerable to Post-Authenticated SQL Injection via multiple JSON parameters in the /wp-json/burst/v1/data/compare endpoint. Affected parameters include 'browser...
CVE-2023-5761
- EPSS 0.51%
- Veröffentlicht 07.12.2023 02:15:07
- Zuletzt bearbeitet 21.11.2024 08:42:26
The Burst Statistics – Privacy-Friendly Analytics for WordPress plugin for WordPress is vulnerable to SQL Injection via the 'url' parameter in versions 1.4.0 to 1.4.6.1 (free) and versions 1.4.0 to 1.5.0 (pro) due to insufficient escaping on the user...