cleantalk
Vulnerabilities and Security Researches

Page View Count, CVE-2025-2816

CVE, Research URL

CVE-2025-2816

Home page URL

Security reports for Page View Count

Application

Page View Count

Published on
May 01, 2025
Research Description
The Page View Count plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the yellow_message_dontshow() function in versions 2.8.0 to 2.8.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update option values to one on the WordPress site. This can be leveraged to update an option that would create an error on the site and deny service to legitimate users or be used to set some values to true such as registration.
Affected versions
Min -, max 2.8.5.
Status
vulnerable
Previous vulnerability researches
Xavin's Review Ratings (CVE-2025-4170) , May 04, 2025
New vulnerability
wp-cyr-cho | Конвертира кирилски символи в латиниски (CVE-2025-43835) , May 05, 2025
Posts for Page (CVE-2025-39369) , May 05, 2025
Mad Mimi for WordPress (CVE-2025-46262) , May 05, 2025
Best Posts Summary (CVE-2025-39374) , May 05, 2025
Author Box After Posts (CVE-2025-46263) , May 05, 2025