CVE-2022-38074

moderate-risk

Published 2023-03-13

SQL Injection vulnerability in VeronaLabs WP Statistics plugin <= 13.2.10 versions.

Do I need to act?

0.98% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Fix available

Upgrade to: fbcbdf93a3865d58d9f6d9dfb60036c8eaa56420

CVSS 9.9/10 Critical

NETWORK / LOW complexity

Wp Statistics

Veronalabs

Third Party Advisory https://patchstack.com/database/vulnerability/wp-statistics/wordpress-wp-statist...

/ 100

moderate-risk

Severity 33/34 · Critical

Exploitability 3/34 · Minimal

Exposure 5/34 · Minimal