WordPress Slimstat Analytics Plugin <= 5.0.4 is vulnerable to SQL Injection
CVE-2022-45373
9.8CRITICAL
Summary
An SQL Injection vulnerability exists in Slimstat Analytics by VeronaLabs, which allows attackers to inject malicious SQL queries through the improper neutralization of special elements. This vulnerability affects Slimstat Analytics versions from n/a through 5.0.4, potentially leading to unauthorized data access and manipulation within the database.
Affected Version(s)
Slimstat Analytics <= 5.0.4
References
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Rafie Muhammad (Patchstack)