Exposure of WP-Statistics

Analytics, WordPress plugins
40
exposure score
2,945
sites use
0
exploited
5
critical

CVEs

18 results
CVE-2022-25148CRITICALWP Statistics <= 13.1.5 Unauthenticated Blind SQL Injection via current_page_idEPSS 81.4%CVE-2022-25305HIGHWP Statistics <= 13.1.5 Unauthenticated Stored Cross-Site Scripting via IPEPSS 81.2%CVE-2022-25149CRITICALWP Statistics <= 13.1.5 Unauthenticated Blind SQL Injection via IPEPSS 78.0%CVE-2022-0513CRITICALWP Statistics <= 13.1.4 Unauthenticated Blind SQL Injection via exclusion_reasonEPSS 53.6%CVE-2022-4230HIGHWP Statistics < 13.2.9 - Authenticated SQLiEPSS 34.3%CVE-2022-0651CRITICALWP Statistics <= 13.1.5 Unauthenticated Blind SQL Injection via current_page_typeEPSS 33.0%CVE-2021-24340WP Statistics < 13.0.8 - Unauthenticated SQL InjectionEPSS 26.9%CVE-2017-2136Cross-site scripting vulnerability in WP Statistics version 12.0.4 and earlier allows remote attackers to inject arbitrary web script or HTMEPSS 2.6%CVE-2017-2135Cross-site scripting vulnerability in WP Statistics version 12.0.1 and earlier allows remote attackers to inject arbitrary web script or HTMEPSS 1.7%CVE-2022-25306HIGHWP Statistics <= 13.1.5 Unauthenticated Stored Cross-Site Scripting via browserEPSS 1.4%CVE-2022-25307HIGHWP Statistics <= 13.1.5 Unauthenticated Stored Cross-Site Scripting via platformEPSS 1.4%CVE-2017-2147Cross-site scripting vulnerability in WP Statistics version 12.0.4 and earlier allows remote attackers to inject arbitrary web script or HTMEPSS 1.3%CVE-2022-27231Cross-site scripting vulnerability exists in WP Statistics versions prior to 13.2.0 because it improperly processes a platform parameter. ByEPSS 1.0%CVE-2023-0955HIGHWP Statistics < 14.0 - Authenticated SQLiEPSS 0.9%CVE-2022-1005WP Statistics < 13.2.2 - Reflected Cross-Site ScriptingEPSS 0.9%CVE-2022-38074CRITICALWordPress WP Statistics Plugin <= 13.2.10 is vulnerable to SQL InjectionEPSS 0.7%CVE-2026-48839HIGHWordPress WP Statistics plugin <= 14.16.6 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-55716MEDIUMWordPress WP Statistics Plugin <= 14.15 - Broken Access Control VulnerabilityEPSS 0.2%

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →