Vulnerabilities > Newstatpress Project > Newstatpress > 1.1.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-14 | CVE-2022-0206 | Cross-site Scripting vulnerability in Newstatpress Project Newstatpress The NewStatPress WordPress plugin before 1.3.6 does not properly escape the whatX parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues | 4.3 |
| 2019-08-22 | CVE-2017-18575 | Cross-site Scripting vulnerability in Newstatpress Project Newstatpress The newstatpress plugin before 1.2.5 for WordPress has multiple stored XSS issues. | 4.3 |