Filtered by vendor Advanced Page Visit Counter Project
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-25086 | 1 Advanced Page Visit Counter Project | 1 Advanced Page Visit Counter | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Advanced Page Visit Counter WordPress plugin before 6.1.2 does not sanitise and escape some input before outputting it in an admin dashboard page, allowing unauthenticated attackers to perform Cross-Site Scripting attacks against admins viewing it | |||||
| CVE-2021-24957 | 1 Advanced Page Visit Counter Project | 1 Advanced Page Visit Counter | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The Advanced Page Visit Counter WordPress plugin before 6.1.6 does not escape the artID parameter before using it in a SQL statement in the apvc_reset_count_art AJAX action, available to any authenticated user, leading to a SQL injection | |||||