CVE-2022-0410

The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 5.6 does not sanitise and escape the id parameter before using it in a SQL statement via the refUrlDetails AJAX action, available to any authenticated user, leading to a SQL injection
References
Configurations

Configuration 1

cpe:2.3:a:wp_visitor_statistics_project:wp_visitor_statistics:*:*:*:*:*:wordpress:*:*

Information

Published : 2022-03-07 09:15

Updated : 2022-08-04 04:16


NVD link : CVE-2022-0410

Mitre link : CVE-2022-0410

Products Affected
No products.
CWE