Advanced Page Visit Counter
Approved changes feed: RSS · Atom
cpe:2.3:a:advanced_page_visit_counter_project:advanced_page_visit_counter:*:*:*:*:*:wordpress:*:*
part: a version: * update: *
| Vendor | Advanced Page Visit Counter Project (9b3e1e1f-3885-5e2e-a2f7-42affa439eb2) |
|---|---|
| Product | Advanced Page Visit Counter (c907a0aa-2d00-5a11-93d6-34284c696c28) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-25086 |
vulnerable | 2026-06-08 05:30:39.939663 |
Advanced Page Visit Counter < 6.1.2 - Unauthenticated Stored Cross-Site Scripting
The Advanced Page Visit Counter WordPress plugin before 6.1.2 does not sanitise and escape some input before outputting it in an admin dashboard page, allowing unauthenticated attackers to perform Cross-Site Scripting attacks against admins viewing it
Published: 2022-05-02T16:05:31.000Z
Updated: 2024-08-03T19:56:09.909Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-24957 |
vulnerable | 2026-06-08 05:30:39.690558 |
Advanced Page Visit Counter < 6.1.6 - Subscriber+ Blind SQL injection
The Advanced Page Visit Counter WordPress plugin before 6.1.6 does not escape the artID parameter before using it in a SQL statement in the apvc_reset_count_art AJAX action, available to any authenticated user, leading to a SQL injection
Published: 2022-04-25T15:50:44.000Z
Updated: 2024-08-03T19:49:14.418Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.