CVE-2017-2136

Summary

Cross-site scripting vulnerability in WP Statistics version 12.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via specially crafted HTTP Referer headers.

Affected Software

VendorProductVersion RangeStatus
WP StatisticsWP Statisticsversion 12.0.4 and earlieraffected

Weaknesses

  • Cross-site scripting

ADP Enrichment

CVE Program Container

Additional References

References