Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a3rev page view count vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-0095
The Page View Count WordPress plugin prior to 2.6.1 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attac...
A3rev Page View Count
9.8
CVSSv3
CVE-2022-0434
The Page View Count WordPress plugin prior to 2.4.15 does not sanitise and escape the post_ids parameter before using it in a SQL statement via a REST endpoint, available to both unauthenticated and authenticated users. As a result, unauthenticated attackers could perform SQL inj...
A3rev Page View Count
5.4
CVSSv3
CVE-2021-24509
The Page View Count WordPress plugin prior to 2.4.9 does not escape the postid parameter of pvc_stats shortcode, allowing users with a role as low as Contributor to perform Stored XSS attacks. A post made by a contributor would still have to be approved by an admin to have the XS...
A3rev Page View Count
4.3
CVSSv3
CVE-2022-40131
Cross-Site Request Forgery (CSRF) vulnerability in a3rev Software Page View Count plugin <= 2.5.5 on WordPress allows an malicious user to reset the plugin settings.
A3rev Page View Count
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started