SQL Injection Vulnerability in WP Statistics

John Castro


Security Risk: Dangerous

Exploitation Level: Easy/Remote

DREAD Score: 7/10

Vulnerability: SQL Injection

Patched Version: 12.0.8


As part of a vulnerability research project for our Sucuri Firewall, we have been auditing popular open source projects looking for security issues.


While working on the WordPress plugin WP Statistics, we discovered a SQL Injection vulnerability. This plugin is currently installed on 300,000+ websites.


Full Article.

Take a look at the best antivirus, anti-malware, anti-spy, etc. software

Powered by WPeMatico