Lucene search
Hive ProHIVEPRO:5A9D95DB669A168C49EE86CE3BCBA6D5HistoryMar 18, 2024 - 8:11 a.m.
Critical XSS Flaw Discovered in WP Statistics Impacting 600K Sites
2024-03-1808:11:17
Hive Pro
www.hivepro.com
12
cross-site scripting
wp statistics
vulnerability
cve-2024-2194
exploitation
data theft
site compromise
patched versions
threat advisory
hiveforce labs
Summary: A critical Cross-Site Scripting (XSS) vulnerability (CVE-2024-2194) in WP Statistics plugin, allowing attackers to inject malicious code via the URL parameter. With over 600,000 installations, the flaw poses severe risks, enabling unauthorized script execution and potential data theft or site compromise. Update promptly to patched versions to prevent potential exploitation. Threat Level - Red | Vulnerability Report For a detailed threat advisory, download the pdf file here To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.
Related
wpvulndb
wpvulndb
WP Statistics < 14.5.1 - Unauthenticated Stored Cross-Site Scripting
2024-03-13 00:00:00
cve
cve
CVE-2024-2194
2024-03-13 16:15:32
wpexploit
wpexploit
WP Statistics < 14.5.1 - Unauthenticated Stored Cross-Site Scripting
2024-03-13 00:00:00
cvelist
cvelist
CVE-2024-2194
2024-03-13 15:27:20
nvd
nvd
CVE-2024-2194
2024-03-13 16:15:32
prion
prion
Cross site scripting
2024-03-13 16:15:00
thn
thn
Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities
2024-05-30 13:49:00
wordfence
wordfence
6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.0%
Related for HIVEPRO:5A9D95DB669A168C49EE86CE3BCBA6D5