Skip to main content

Newstatpress

2 CVEs product

Monthly

CVE-2015-4063 LOW POC PATCH Monitor

Cross-site scripting (XSS) vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

XSS WordPress PHP Newstatpress
NVD Exploit-DB
CVSS 2.0
3.5
EPSS
1.1%
CVE-2015-4062 MEDIUM POC PATCH THREAT This Month

SQL injection vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the where1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 10.3%.

WordPress SQLi PHP Newstatpress
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
10.3%
EPSS 1% CVSS 3.5
LOW POC PATCH Monitor

Cross-site scripting (XSS) vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

XSS WordPress PHP +1
NVD Exploit-DB
EPSS 10% CVSS 6.5
MEDIUM POC PATCH THREAT This Month

SQL injection vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the where1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 10.3%.

WordPress SQLi PHP +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy