Kama Click Counter

kama_click_counter

Vendor: Wp Kama • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-20103 1Wp Kama 1Kama Click Counter Nov 21, 2024 Jun 27, 2022 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A vulnerability classified as critical has been found in Kama Click Counter Plugin up to 3.4.8. This affects an unknown part of the file wp-admin/admin.php. The manipulation of the argument order_by/order with the input...Show more A vulnerability classified as critical has been found in Kama Click Counter Plugin up to 3.4.8. This affects an unknown part of the file wp-admin/admin.php. The manipulation of the argument order_by/order with the input ASC%2c(select*from(select(sleep(2)))a) leads to sql injection (Blind). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.4.9 is able to address this issue. It is recommended to upgrade the affected component.Show less
CVE-2017-18615 1Wp Kama 1Kama Click Counter Nov 21, 2024 Sep 13, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The kama-clic-counter plugin before 3.5.0 for WordPress has XSS.
CVE-2017-18614 1Wp Kama 1Kama Click Counter Nov 21, 2024 Sep 13, 2019 N/A· v4 8.1 HIGH· v3 9.3 HIGH· v2 The kama-clic-counter plugin 3.4.9 for WordPress has SQL injection via the admin.php order parameter.