Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8
CVE-2021-24829
- EPSS 0.7%
- Published 08.11.2021 18:15:10
- Last modified 21.11.2024 05:53:50
The Visitor Traffic Real Time Statistics WordPress plugin before 3.9 does not validate and escape user input passed to the today_traffic_index AJAX action (available to any authenticated users) before using it in a SQL statement, leading to an SQL in...
8.8
CVE-2021-24193
- EPSS 0.6%
- Published 14.05.2021 12:15:08
- Last modified 21.11.2024 05:52:33
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Visitor Traffic Real Time Statistics WordPress plugin before 2.12, to install any plugin (including a specific version) from the WordPress repository, as we...
8.8
CVE-2019-15831
- EPSS 0.11%
- Published 30.08.2019 14:15:10
- Last modified 21.11.2024 04:29:33
The visitors-traffic-real-time-statistics plugin before 1.12 for WordPress has CSRF in the settings page.
8.8
CVE-2019-15832
- EPSS 0.2%
- Published 30.08.2019 14:15:10
- Last modified 21.11.2024 04:29:34
The visitors-traffic-real-time-statistics plugin before 1.13 for WordPress has CSRF.
1