Vulnerabilities > Advanced Page Visit Counter Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-02 | CVE-2021-25086 | Cross-site Scripting vulnerability in Advanced Page Visit Counter Project Advanced Page Visit Counter The Advanced Page Visit Counter WordPress plugin before 6.1.2 does not sanitise and escape some input before outputting it in an admin dashboard page, allowing unauthenticated attackers to perform Cross-Site Scripting attacks against admins viewing it | 6.1 |
| 2022-04-25 | CVE-2021-24957 | SQL Injection vulnerability in Advanced Page Visit Counter Project Advanced Page Visit Counter The Advanced Page Visit Counter WordPress plugin before 6.1.6 does not escape the artID parameter before using it in a SQL statement in the apvc_reset_count_art AJAX action, available to any authenticated user, leading to a SQL injection | 8.8 |