Vulnerabilities > Newstatpress Project > Newstatpress > 1.2.0

DATE CVE VULNERABILITY TITLE RISK
2022-02-14 CVE-2022-0206 Unspecified vulnerability in Newstatpress Project Newstatpress
The NewStatPress WordPress plugin before 1.3.6 does not properly escape the whatX parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues
network
low complexity
newstatpress-project
6.1
6.1
2019-08-22 CVE-2017-18575 Cross-site Scripting vulnerability in Newstatpress Project Newstatpress
The newstatpress plugin before 1.2.5 for WordPress has multiple stored XSS issues.
network
low complexity
newstatpress-project CWE-79
6.1
6.1