Codepress Vulnerabilities
Comprehensive security vulnerability database for Codepress products
3
2
6
0
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2024-24867 | 7.5 | This vulnerability allows an attacker to access sensitive information from the WP Visitor Statistics plugin, potentially exposing user data and site activity. It affects versions up to 6.9.4, so sites using this plugin without updates are at risk. | codepressvisitor statistics | Exploit Available | about 2 years agoMar 17, 2024 |
| CVE-2022-0410 | 8.8 | This vulnerability allows an attacker with an authenticated user account to manipulate the database by injecting malicious SQL code through a poorly handled parameter in the WP Visitor Statistics plugin. If exploited, this could lead to unauthorized access to sensitive data or even complete control over the database. | codepressvisitor statistics | Exploit Available | about 4 years agoMar 7, 2022 |
| CVE-2021-24750 | 8.8 | This vulnerability allows an attacker, even with a low-level user role like a subscriber, to execute SQL injection attacks, which means they could manipulate the database to access or alter sensitive information. The issue arises from the plugin not properly cleaning up user input in a specific function, making it accessible to any authenticated user. | codepressvisitor statistics | Exploit Available | over 4 years agoDec 21, 2021 |
About Codepress Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Codepress products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.