Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wp-buy visitor traffic real time statistics vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2021-24193
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Visitor Traffic Real Time Statistics WordPress plugin prior to 2.12, to install any plugin (including a specific version) from the WordPress repository, as well as activate arb...
Wp-buy Visitor Traffic Real Time Statistics
6.5
CVSSv2
CVE-2021-24829
The Visitor Traffic Real Time Statistics WordPress plugin prior to 3.9 does not validate and escape user input passed to the today_traffic_index AJAX action (available to any authenticated users) before using it in a SQL statement, leading to an SQL injection issue
Wp-buy Visitor Traffic Real Time Statistics
6.8
CVSSv2
CVE-2019-15831
The visitors-traffic-real-time-statistics plugin prior to 1.12 for WordPress has CSRF in the settings page.
Wp-buy Visitor Traffic Real Time Statistics
6.8
CVSSv2
CVE-2019-15832
The visitors-traffic-real-time-statistics plugin prior to 1.13 for WordPress has CSRF.
Wp-buy Visitor Traffic Real Time Statistics
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started