Wp-buy Visitor Traffic Real Time Statistics — known CVE vulnerabilities
Every CVE whose affected-product data names Wp-buy Visitor Traffic Real Time Statistics, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2019-15831 — CVSS 8.8 (high): The visitors-traffic-real-time-statistics plugin before 1.12 for WordPress has CSRF in the settings page.
CVE-2021-24193 — CVSS 8.8 (high): Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Visitor Traffic Real Time Statistics…
CVE-2021-24829 — CVSS 8.8 (high): The Visitor Traffic Real Time Statistics WordPress plugin before 3.9 does not validate and escape user input passed to the…