Vulnerabilities > WP Stats Project

DATE	CVE	VULNERABILITY TITLE	RISK
2021-11-01	CVE-2015-10001	Cross-Site Request Forgery (CSRF) vulnerability in Wp-Stats Project Wp-Stats The WP-Stats WordPress plugin before 2.52 does not have CSRF check when saving its settings, and did not escape some of them when outputting them, allowing attacker to make logged in high privilege users change them and set Cross-Site Scripting payloads network wp-stats-project CWE-352	4.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.

Vulnerabilities > WP Stats Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"WP Stats Project"}]}

Vulnerabilities > WP Stats Project