What is CVE-2022-27231?

CVE-2022-27231 is a vulnerability in Veronalabs Wp Statistics. Published 2022-06-13.

Is CVE-2022-27231 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Veronalabs Wp Statistics

CVE-2022-27231

Cross-site scripting vulnerability exists in WP Statistics versions prior to 13.2.0 because it improperly processes a platform parameter. By exploiting this vulnerability, an arbitrary script may be executed on the web browser of the user…

EPSS: 0.003 (54.2th percentile) — read the EPSS interpretation.

Affected products

Veronalabs Wp Statistics — versions versions prior to 13.2.0

Public proof-of-concept exploits

20142995/nuclei-templates

References

wordpress.org/plugins/wp-statistics/ (x_refsource_MISC)
wordpress.org/plugins/wp-statistics/ (x_refsource_MISC)
jvn.jp/en/jp/JVN15241647/index.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-27231?: CVE-2022-27231 is a vulnerability in Veronalabs Wp Statistics. Published 2022-06-13.
Is CVE-2022-27231 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.