CVE-2019-13275

An issue was discovered in the VeronaLabs wp-statistics plugin before 12.6.7 for WordPress. The v1/hit endpoint of the API, when the non-default "use cache plugin" setting is enabled, is vulnerable to unauthenticated blind SQL Injection.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:veronalabs:wp_statistics:*:*:*:*:*:wordpress:*:*

Information

Published : 2019-07-04 12:15

Updated : 2019-07-10 06:50


NVD link : CVE-2019-13275

Mitre link : CVE-2019-13275


JSON object : View

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

dedicated server usa

Products Affected

veronalabs

  • wp_statistics