Vulnerabilities > Veronalabs

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-14	CVE-2017-18515	SQL Injection vulnerability in Veronalabs WP Statistics The wp-statistics plugin before 12.0.8 for WordPress has SQL injection. network low complexity veronalabs CWE-89 critical	9.8
2019-07-04	CVE-2019-13275	SQL Injection vulnerability in Veronalabs WP Statistics An issue was discovered in the VeronaLabs wp-statistics plugin before 12.6.7 for WordPress. network low complexity veronalabs CWE-89 critical	9.8
2019-06-03	CVE-2019-12566	Cross-site Scripting vulnerability in Veronalabs WP Statistics The WP Statistics plugin through 12.6.5 for Wordpress has stored XSS in includes/class-wp-statistics-pages.php. network low complexity veronalabs CWE-79	5.4
2019-04-23	CVE-2019-10864	Cross-site Scripting vulnerability in Veronalabs WP Statistics The WP Statistics plugin through 12.6.2 for WordPress has XSS, allowing a remote attacker to inject arbitrary web script or HTML via the Referer header of a GET request. network low complexity veronalabs CWE-79	6.1
2018-06-26	CVE-2018-1000556	Cross-site Scripting vulnerability in Veronalabs WP Statistics WordPress version 4.8 + contains a Cross Site Scripting (XSS) vulnerability in plugins.php or core wordpress on delete function that can result in An attacker can perform client side attacks which could be from stealing a cookie to code injection. network low complexity veronalabs CWE-79	6.1

Vulnerabilities > Veronalabs {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Veronalabs"}]}