The NewStatPress plugin for WordPress has an issue that can allow unauthenticated attackers to inject malicious code into pages. This code can then be executed every time someone visits an affected page. This issue affects versions up to and including 1.0.3 due to a lack of input sanitization and output escaping.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
