Kentothemes Kento-post-view-counter — known CVE vulnerabilities
Every CVE whose affected-product data names Kentothemes Kento-post-view-counter, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2016-15040 — CVSS 9.8 (critical): The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the 'kento_pvc_geo' parameter in versions up to, and…
CVE-2016-10982 — CVSS 8.8 (high): The kento-post-view-counter plugin through 2.8 for WordPress has wp-admin/admin.php?page=kentopvc_settings CSRF.
CVE-2016-10981 — CVSS 6.1 (medium): The kento-post-view-counter plugin through 2.8 for WordPress has stored XSS via kento_pvc_numbers_lang, kento_pvc_today_text, or…