"vulnerabilities":[
{
"title": "WordPress WP Visitor Statistics (Real Time Traffic) plugin <= 4.7 - SQL Injection (SQLi) vulnerability",
"product_name": "WP Visitor Statistics (Real Time Traffic)",
"product_slug": "wp-stats-manager",
"product_type": "Plugin",
"fixed_in": "4.8",
"cvss_score": 8.8,
"direct_url": "patchstack.com/database/vulnerability/wp-stats-manager/wordpress-wp-visitor-statistics-real-time-traffic-plugin-4-7-sql-injection-sqli-vulnerability"
}
"vulnerabilities":[
{
"id":7976,
"product_id":2175,
"title":"WordPress File Upload plugin <= 4.16.2 - Contributor+ Path Traversal vulnerability leading to Remote Code Execution (RCE)",
"description":"Contributor+ Path Traversal vulnerability leading to Remote Code Execution (RCE) discovered by apple502j in WordPress File Upload plugin (versions <= 4.16.2).",
"vuln_type":"Directory Traversal",
"cvss_score":8.8,
"cve":["2021-24962"],
"product_slug":"wp-file-upload",
"product_name":"WordPress File Upload",
"product_name_premium":null,
"product_type":"Plugin",
"affected_in":"<= 4.16.2",
"fixed_in":"4.16.3",
"patched_in_ranges":[],
"disclosure_date":"2022-03-01 00:00:00",
"disclosed_at":"2022-03-01T00:00:00+00:00",
"created_at":"2022-03-07T11:17:05+00:00",
"url":"wordpress-file-upload-plugin-4-16-2-contributor-path-traversal-vulnerability-leading-to-remote-code-execution-rce",
"direct_url":"https://patchstack.com/database/vulnerability/wp-file-upload/wordpress-file-upload-plugin-4-16-2-contributor-path-traversal-vulnerability-leading-to-remote-code-execution-rce"
},
Plugin
Autoptimize
Sensitive Data Disclosure vulnerability
5.3
2 days ago
Plugin
YITH PayPal Express Checkout for WooCommerce
Multiple CrossSite Request Forgery (CSRF) vulnerabilities
4.6
2 days ago
Plugin
YITH WooCommerce Product Bundles
Multiple CrossSite Request Forgery (CSRF) vulnerabilities
4.6
2 days ago
Plugin
YITH WooCommerce Featured Video
Multiple CrossSite Request Forgery (CSRF) vulnerabilities
4.6
2 days ago
