CVE-2022-27231
N/A
N/A
Summary
Cross-site scripting vulnerability exists in WP Statistics versions prior to 13.2.0 because it improperly processes a platform parameter. By exploiting this vulnerability, an arbitrary script may be executed on the web browser of the user who is logging in to the website using the product.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| VeronaLabs | WP Statistics | versions prior to 13.2.0 | affected |
Weaknesses
- Cross-site scripting
ADP Enrichment
CVE Program Container
Additional References
- https://wordpress.org/plugins/wp-statistics/
- https://wordpress.org/plugins/wp-statistics/#developers
- https://jvn.jp/en/jp/JVN15241647/index.html
References
- https://wordpress.org/plugins/wp-statistics/
- https://wordpress.org/plugins/wp-statistics/#developers
- https://jvn.jp/en/jp/JVN15241647/index.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.