Wp Kama

wp-kama

5 CVEs • 2 products

Products (2)

Click to collapse

Toggle

Kama Click Counter

kama_click_counter

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-20103 1Wp Kama 1Kama Click Counter Nov 21, 2024 Jun 27, 2022 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A vulnerability classified as critical has been found in Kama Click Counter Plugin up to 3.4.8. This affects an unknown part of the file wp-admin/admin.php. The manipulation of the argument order_by/order with the input...Show more A vulnerability classified as critical has been found in Kama Click Counter Plugin up to 3.4.8. This affects an unknown part of the file wp-admin/admin.php. The manipulation of the argument order_by/order with the input ASC%2c(select*from(select(sleep(2)))a) leads to sql injection (Blind). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.4.9 is able to address this issue. It is recommended to upgrade the affected component.Show less
CVE-2017-18615 1Wp Kama 1Kama Click Counter Nov 21, 2024 Sep 13, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The kama-clic-counter plugin before 3.5.0 for WordPress has XSS.
CVE-2017-18614 1Wp Kama 1Kama Click Counter Nov 21, 2024 Sep 13, 2019 N/A· v4 8.1 HIGH· v3 9.3 HIGH· v2 The kama-clic-counter plugin 3.4.9 for WordPress has SQL injection via the admin.php order parameter.
CVE-2017-18521 1Wp Kama 1Democracy Poll Nov 21, 2024 Aug 21, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The democracy-poll plugin before 5.4 for WordPress has CSRF via wp-admin/options-general.php?page=democracy-poll&subpage=l10n.
CVE-2017-18520 1Wp Kama 1Democracy Poll Nov 21, 2024 Aug 20, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The democracy-poll plugin before 5.4 for WordPress has XSS via update_l10n in admin/class.DemAdminInit.php.