CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Wp Visitor Statistics (Real Time Traffic) Project: >> Wp Visitor Statistics (Real Time Traffic) >> 3.14 Security Vulnerabilities

CVE-2021-24750

The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 4.8 does not properly sanitise and escape the refUrl in the refDetails AJAX action, available to any authenticated user, which could allow users with a role as low as subscriber to perform SQL injection attacks

CVSS Score

8.8

EPSS Score

0.676

Published

2021-12-21

Page 1

Vulnerabilities

Vulnerable Software

Wp Visitor Statistics (Real Time Traffic) Project: >> Wp Visitor Statistics (Real Time Traffic) >> 3.14 Security Vulnerabilities

Products

Pricing

Contact Us