web analytics

SQL Injection Vulnerability in WP Statistics

John Castro

 

Security Risk: Dangerous

Exploitation Level: Easy/Remote

DREAD Score: 7/10

Vulnerability: SQL Injection

Patched Version: 12.0.8

 

As part of a vulnerability research project for our Sucuri Firewall, we have been auditing popular open source projects looking for security issues.

 

While working on the WordPress plugin WP Statistics, we discovered a SQL Injection vulnerability. This plugin is currently installed on 300,000+ websites.

 

Full Article.

Take a look at the best antivirus, anti-malware, anti-spy, etc. software

Powered by WPeMatico