Veronalabs Wp Statistics
6 CVEs affecting Veronalabs Wp Statistics. Latest disclosed: 2026-06-01. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-0513 | Critical | 9.8 | 2022-02-16 | The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the exclusion_reason parameter found in… |
CVE-2026-48839 | High | 7.1 | 2026-06-01 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VeronaLabs WP Statistics allows DOM-Based XSS. This issu… |
CVE-2022-38074 | High | 7.1 | 2023-03-13 | SQL Injection vulnerability in VeronaLabs WP Statistics plugin <= 13.2.10 versions. |
CVE-2025-55716 | Medium | 4.3 | 2025-08-14 | Missing Authorization vulnerability in VeronaLabs WP Statistics wp-statistics allows Exploiting Incorrectly Configured Access Control Security Levels.This issu… |
CVE-2022-27231 | | 2022-06-13 | Cross-site scripting vulnerability exists in WP Statistics versions prior to 13.2.0 because it improperly processes a platform parameter. By exploiting this vu… | |
CVE-2021-24340 | | 2021-06-07 | The WP Statistics WordPress plugin before 13.0.8 relied on using the WordPress esc_sql() function on a field not delimited by quotes and did not first prepare… |