The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 6.9 does not escape user input which is concatenated to an SQL query, allowing unauthenticated visitors to conduct SQL Injection attacks.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2023-05-15T12:15:31.686Z

Updated: 2024-08-02T05:17:50.061Z

Reserved: 2023-01-31T19:04:31.711Z

Link: CVE-2023-0600

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-05-15T13:15:09.867

Modified: 2024-11-21T07:37:28.013

Link: CVE-2023-0600

cve-icon Redhat

No data.