← back
CVE-2022-27231

CVE-2022-27231

EPSS 1.0%
Cross-site scripting vulnerability exists in WP Statistics versions prior to 13.2.0 because it improperly processes a platform parameter. By exploiting this vulnerability, an arbitrary script may be executed on the web browser of the user who is logging in to the website using the product.
Affected products
VeronaLabs · WP Statistics

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://jvn.jp/en/jp/JVN15241647/index.htmlhttps://wordpress.org/plugins/wp-statistics/https://wordpress.org/plugins/wp-statistics/#developers