Untriaged
Permalink
CVE-2022-38074
9.9 CRITICAL
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): LOW
- User interaction (UI): NONE
- Scope (S): CHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): HIGH
- Availability impact (A): HIGH
WordPress WP Statistics Plugin <= 13.2.10 is vulnerable to SQL Injection
SQL Injection vulnerability in VeronaLabs WP Statistics plugin <= 13.2.10 versions.
References
- https://patchstack.com/database/vulnerability/wp-statistics/wordpress-wp-statis… vdb-entry
- https://patchstack.com/database/vulnerability/wp-statistics/wordpress-wp-statis… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/wp-statistics/wordpress-wp-statis… vdb-entry
- https://patchstack.com/database/vulnerability/wp-statistics/wordpress-wp-statis… vdb-entry x_transferred
Affected products
wp-statistics
- =<13.2.10
Matching in nixpkgs
pkgs.wordpressPackages.plugins.wp-statistics
None
-
nixos-unstable -
- nixpkgs-unstable 14.13.1