WordPress Plugin WP Statistics 漏洞列表

共找到 3 个与 WordPress Plugin WP Statistics 相关的漏洞

📅 加载漏洞趋势中...

CVE-2022-0651: WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection POC

日期: 2025-08-01 | 影响软件: WordPress Plugin WP Statistics

The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the current_page_type parameter found in the ~/includes/class-wp-statistics-hits.php file which allows attackers without authentication to inject arbitrary SQL queries to obtain sensitive information, in versions up to and including 13.1.5.
CVE-2022-25148: WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection POC

日期: 2025-08-01 | 影响软件: WordPress Plugin WP Statistics

The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the current_page_id parameter found in the ~/includes/class-wp-statistics-hits.php file which allows attackers without authentication to inject arbitrary SQL queries to obtain sensitive information, in versions up to and including 13.1.5.
CVE-2022-25149: WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection POC

日期: 2025-08-01 | 影响软件: WordPress Plugin WP Statistics

The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the IP parameter found in the ~/includes/class-wp-statistics-hits.php file which allows attackers without authentication to inject arbitrary SQL queries to obtain sensitive information, in versions up to and including 13.1.5.