Vulnerabilities > Advanced Page Visit Counter Project

DATE CVE VULNERABILITY TITLE RISK
2022-05-02 CVE-2021-25086 Cross-site Scripting vulnerability in Advanced Page Visit Counter Project Advanced Page Visit Counter
The Advanced Page Visit Counter WordPress plugin before 6.1.2 does not sanitise and escape some input before outputting it in an admin dashboard page, allowing unauthenticated attackers to perform Cross-Site Scripting attacks against admins viewing it
6.1
2022-04-25 CVE-2021-24957 Unspecified vulnerability in Advanced Page Visit Counter Project Advanced Page Visit Counter
The Advanced Page Visit Counter WordPress plugin before 6.1.6 does not escape the artID parameter before using it in a SQL statement in the apvc_reset_count_art AJAX action, available to any authenticated user, leading to a SQL injection
network
low complexity
advanced-page-visit-counter-project
8.8