Log out
Get PRO

Latest

Input validation vulnerability in Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress 7.1.1

  • Severity: high-risk
  • Status: Fixed
  • Publication: October 3, 2023

The Advanced Page Visit Counter plugin for WordPress is vulnerable to a type of attack called SQL Injection. This type of attack can happen when users are allowed to input data like names, email addresses, or other information. In this case, the Advanced Page Visit Counter plugin is vulnerable to this type of attack because it does not properly escape the data that is input by users and does not prepare the existing SQL query enough. If an attacker with user access privileges at least as high as a contributor is able to get access to the data, they could use additional SQL queries to extract sensitive information from the database.

Detected in:

Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.

Join our mailing list - 6 Tips & Tricks in your inbox over the next days!

Plugins

© Really Simple Plugins
CoC 70461155
Kalmarweg 14-5
9723 JG, Groningen (NL)

Wordpress Linkedin Github

Get Started

About

Popular articles