Kento Post View Counter
by WordPress
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-15040 | Cri | 0.64 | 9.8 | 0.01 | Oct 16, 2024 | The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the 'kento_pvc_geo' parameter in versions up to, and including, 2.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This… | ||
| CVE-2016-10982 | Hig | 0.57 | 8.8 | 0.01 | Sep 17, 2019 | The kento-post-view-counter plugin through 2.8 for WordPress has wp-admin/admin.php?page=kentopvc_settings CSRF. | ||
| CVE-2016-10981 | Med | 0.40 | 6.1 | 0.01 | Sep 17, 2019 | The kento-post-view-counter plugin through 2.8 for WordPress has stored XSS via kento_pvc_numbers_lang, kento_pvc_today_text, or kento_pvc_total_text. | ||
| CVE-2016-10980 | Med | 0.40 | 6.1 | 0.01 | Sep 17, 2019 | The kento-post-view-counter plugin through 2.8 for WordPress has XSS via kento_pvc_geo. |
- risk 0.64cvss 9.8epss 0.01
The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the 'kento_pvc_geo' parameter in versions up to, and including, 2.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This…
- risk 0.57cvss 8.8epss 0.01
The kento-post-view-counter plugin through 2.8 for WordPress has wp-admin/admin.php?page=kentopvc_settings CSRF.
- risk 0.40cvss 6.1epss 0.01
The kento-post-view-counter plugin through 2.8 for WordPress has stored XSS via kento_pvc_numbers_lang, kento_pvc_today_text, or kento_pvc_total_text.
- risk 0.40cvss 6.1epss 0.01
The kento-post-view-counter plugin through 2.8 for WordPress has XSS via kento_pvc_geo.