CVE-2019-10864

Published April 23rd, 2019

View on NVD ↗

CVSS v3

N/A

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

The WP Statistics plugin through 12.6.2 for WordPress has XSS, allowing a remote attacker to inject arbitrary web script or HTML via the Referer header of a GET request.

wp-statistics/wp-statistics

The Most Popular Privacy-Friendly Analytics Plugin

GitHub

127