Cross-site Scripting Vulnerability in osama.esh WP Visitor Statistics Product
CVE-2025-53566
6.5MEDIUM
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 4 July 2025
What is CVE-2025-53566?
A vulnerability in the osama.esh WP Visitor Statistics (Real Time Traffic) plugin allows attackers to exploit Stored XSS, posing significant risks to users. This issue arises due to improper neutralization of input during web page generation, which can lead to malicious scripts being executed in users' browsers. It affects versions from n/a through 7.8, making it crucial for website owners to update or implement security measures promptly.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
WP Visitor Statistics (Real Time Traffic) <= 7.8
References
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved
Credit
muhammad yudha (Patchstack Alliance)