CVE-2023-45074
Summary
A critical SQL Injection vulnerability, identified as CVE-2023-45074, has been discovered in the Advanced Page Visit Counter plugin for WordPress. This flaw allows attackers to inject malicious SQL commands into the plugin's database queries.
IFF Assessment
FOE
The discovery of a critical SQL injection vulnerability in a widely used WordPress plugin poses a direct threat to website security, enabling attackers to compromise data and systems.
Severity
9.8
Critical
Defender Context
This vulnerability highlights the ongoing risk of SQL injection attacks targeting popular web plugins. Defenders should prioritize patching this plugin and monitoring for any signs of exploitation, especially on WordPress sites utilizing this specific analytics tool.