cleantalk
Vulnerabilities and Security Researches

Page View Count, CVE-2022-0434

CVE, Research URL

CVE-2022-0434

Home page URL

Security reports for Page View Count

Application

Page View Count

Published on
Mar 07, 2022
Research Description
The Page View Count WordPress plugin before 2.4.15 does not sanitise and escape the post_ids parameter before using it in a SQL statement via a REST endpoint, available to both unauthenticated and authenticated users. As a result, unauthenticated attackers could perform SQL injection attacks
Affected versions
Min -, max 2.4.15.
Status
vulnerable
Previous vulnerability researches
Page View Count (CVE-2021-24509) , Jun 07, 2024
Page View Count (CVE-2023-0095) , Jun 07, 2024
Page View Count (CVE-2022-0434) , Jun 07, 2024
Page View Count (CVE-2022-40131) , Jun 07, 2024
Page View Count (CVE-2025-2816) , May 05, 2025
New vulnerability
Libro de Reclamaciones (CVE-2025-46446) , May 05, 2025
Enhanced Paypal Shortcodes (CVE-2025-46543) , May 05, 2025
My Custom Widgets (CVE-2025-46526) , May 05, 2025
Mailing Group Listserv (CVE-2025-46463) , May 05, 2025
Tayori Form Plugin (CVE-2025-46437) , May 05, 2025