Vulnerabilities > A3Rev > Page View Count > 2.4.14
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-06 | CVE-2023-0095 | Unspecified vulnerability in A3Rev Page View Count The Page View Count WordPress plugin before 2.6.1 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | 5.4 |
| 2022-11-03 | CVE-2022-40131 | Cross-Site Request Forgery (CSRF) vulnerability in A3Rev Page View Count Cross-Site Request Forgery (CSRF) vulnerability in a3rev Software Page View Count plugin <= 2.5.5 on WordPress allows an attacker to reset the plugin settings. | 4.3 |
| 2022-03-07 | CVE-2022-0434 | SQL Injection vulnerability in A3Rev Page View Count The Page View Count WordPress plugin before 2.4.15 does not sanitise and escape the post_ids parameter before using it in a SQL statement via a REST endpoint, available to both unauthenticated and authenticated users. | 9.8 |