Vulnerabilities > Burst Statistics

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-17	CVE-2024-0405	SQL Injection vulnerability in Burst-Statistics Burst Statistics The Burst Statistics – Privacy-Friendly Analytics for WordPress plugin, version 1.5.3, is vulnerable to Post-Authenticated SQL Injection via multiple JSON parameters in the /wp-json/burst/v1/data/compare endpoint. network low complexity burst-statistics CWE-89	6.5
2023-12-07	CVE-2023-5761	SQL Injection vulnerability in Burst-Statistics Burst Statistics The Burst Statistics – Privacy-Friendly Analytics for WordPress plugin for WordPress is vulnerable to SQL Injection via the 'url' parameter in versions 1.4.0 to 1.4.6.1 (free) and versions 1.4.0 to 1.5.0 (pro) due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. network low complexity burst-statistics CWE-89	7.5

Vulnerabilities > Burst Statistics {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Burst Statistics"}]}