Advanced Page Visit Counter

Source repositories

https://plugins.svn.wordpress.org/advanced-page-visit-counter/

CVEs (5)

CVE	Vendor / Product	Sev	Risk	CVSS	Published	Description
CVE-2023-45074	WordPress Advanced Page Visit Counter	Hig	0.55	8.5	Nov 6, 2023	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress allows SQL Injection.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress: from n/a through 7.1.1.
CVE-2024-32098	WordPress Advanced Page Visit Counter	Hig	0.49	7.6	Apr 15, 2024	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter.This issue affects Advanced Page Visit Counter: from n/a through 8.0.6.
CVE-2023-28788	WordPress Advanced Page Visit Counter	Hig	0.46	7.1	Dec 20, 2023	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress: from n/a through 6.4.2.
CVE-2023-50371	WordPress Advanced Page Visit Counter	Med	0.42	6.5	Dec 14, 2023	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress allows Stored XSS.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress: from n/a through 8.0.6.
CVE-2023-5529	WordPress Advanced Page Visit Counter		0.00	—	May 15, 2025	The Advanced Page Visit Counter WordPress plugin before 8.0.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

CVE-2023-45074HigNov 6, 2023
WordPress
Advanced Page Visit Counter
risk 0.55cvss 8.5epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress allows SQL Injection.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress: from n/a through 7.1.1.
CVE-2024-32098HigApr 15, 2024
WordPress
Advanced Page Visit Counter
risk 0.49cvss 7.6epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter.This issue affects Advanced Page Visit Counter: from n/a through 8.0.6.
CVE-2023-28788HigDec 20, 2023
WordPress
Advanced Page Visit Counter
risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress: from n/a through 6.4.2.
CVE-2023-50371MedDec 14, 2023
WordPress
Advanced Page Visit Counter
risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress allows Stored XSS.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress: from n/a through 8.0.6.
CVE-2023-5529May 15, 2025
WordPress
Advanced Page Visit Counter
risk 0.00cvss —epss 0.00
The Advanced Page Visit Counter WordPress plugin before 8.0.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)