RSS   Podatności dla 'Newstatpress'   RSS

2019-08-22
 
CVE-2017-18575

CWE-79
 

 
The newstatpress plugin before 1.2.5 for WordPress has multiple stored XSS issues.

 
2019-08-14
 
CVE-2015-9315

CWE-89
 

 
The newstatpress plugin before 1.0.1 for WordPress has SQL injection.

 
 
CVE-2015-9314

CWE-79
 

 
The newstatpress plugin before 1.0.4 for WordPress has XSS related to the Referer header.

 
 
CVE-2015-9313

CWE-89
 

 
The newstatpress plugin before 1.0.5 for WordPress has SQL injection related to an IMG element.

 
 
CVE-2015-9312

CWE-79
 

 
The newstatpress plugin before 1.0.5 for WordPress has XSS related to an IMG element.

 
 
CVE-2015-9311

CWE-79
 

 
The newstatpress plugin before 1.0.6 for WordPress has reflected XSS.

 
2015-05-27
 
CVE-2015-4063

 

 
Cross-site scripting (XSS) vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the where1 parameter in the nsp_search page to wp-admin/admin.php.

 
 
CVE-2015-4062

 

 
SQL injection vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the where1 parameter in the nsp_search page to wp-admin/admin.php.

 


Copyright 2021, cxsecurity.com

 

Back to Top