← back
CVE-2019-13275

CVE-2019-13275

EPSS 2.6%
An issue was discovered in the VeronaLabs wp-statistics plugin before 12.6.7 for WordPress. The v1/hit endpoint of the API, when the non-default "use cache plugin" setting is enabled, is vulnerable to unauthenticated blind SQL Injection.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/wp-statistics/wp-statistics/commit/bd46721b97794a1b1520e24ff5023b6da738dd75https://wordpress.org/plugins/wp-statistics/#developershttps://wpvulndb.com/vulnerabilities/9412