Wp-Buy: >> Visitor Traffic Real Time Statistics >> 2.12 Security Vulnerabilities
The Visitor Traffic Real Time Statistics WordPress plugin before 3.9 does not validate and escape user input passed to the today_traffic_index AJAX action (available to any authenticated users) before using it in a SQL statement, leading to an SQL injection issue
CVSS Score
8.8
EPSS Score
0.007
Published
2021-11-08