CVE-2015-4062, CVE-2015-4063: Multiple vulnerabilities in WordPress plugin "NewStatPress"

Posted by Adrián M . F . on May 27

# Title: Multiple vulnerabilities in WordPress plugin “NewStatPress”
# Author: Adrián M. F. – adrimf85[at]gmail[dot]com
# Date: 2015-05-25
# Vendor Homepage: https://wordpress.org/plugins/newstatpress/
# Active installs: 20,000+
# Vulnerable version: 0.9.8
# Fixed version: 0.9.9
# CVE: CVE-2015-4062, CVE-2015-4063

Vulnerabilities (2)
=====================

(1) Authenticated SQLi [CWE-89] (CVE-2015-4062)…

Leave a Reply