CVE-2022-27231 Information

Description

Cross-site scripting vulnerability exists in WP Statistics versions prior to 13.2.0 because it improperly processes a platform parameter. By exploiting this vulnerability an arbitrary script may be executed on the web browser of the user who is logging in to the website using the product.

Reference

https://wordpress.org/plugins/wp-statistics/ https://wordpress.org/plugins/wp-statistics/#developers https://jvn.jp/en/jp/JVN15241647/index.html