cleantalk
Vulnerabilities and Security Researches

WP Statistics, CVE-2017-2136

CVE, Research URL

CVE-2017-2136

Home page URL

Security reports for WP Statistics

Application

WP Statistics

Published on
Apr 28, 2017
Research Description
Cross-site scripting vulnerability in WP Statistics version 12.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via specially crafted HTTP Referer headers.
Affected versions
Min -, max 12.6.7.
Status
vulnerable
Previous vulnerability researches
WP Statistics (CVE-2022-25149) , Jun 07, 2024
WP Statistics (CVE-2022-25307) , Jun 07, 2024
WP Statistics (CVE-2022-0513) , Jun 07, 2024
WP Statistics (CVE-2017-18515) , Jun 07, 2024
WP Statistics (CVE-2019-12566) , Jun 07, 2024
New vulnerability
WP Statistics (CVE-2025-3953) , May 01, 2025
Calculated Fields Form (CVE-2024-12273) , May 01, 2025
Admin and Site Enhancements (ASE) (CVE-2024-13688) , Apr 30, 2025
WordPress Simple Shopping Cart (CVE-2025-3529) , Apr 30, 2025
SecuPress Free — WordPress Security (CVE-2025-3452) , Apr 30, 2025