Visitors Traffic Real Time Statistics < 1.13 – CSRF to Stored XSS/SQLi | CVE 2019-15831 | Plugin Vulnerabilities

Description

A CSRF vulnerability in the plugin gives attackers the possibility to craft an AJAX request, which lets blog administrators alter plugin settings. Due to a lack of encoding for malicious data when displaying it in the admin backend, there is a Stored XSS. Also, as the user input coming from the attacker is directly being passed to the WPDB query() method, there might be a possible SQL injection.

Affects Plugins

visitors-traffic-real-time-statistics

Fixed in 1.13

References

CVE

CVE

URL

https://dannewitz.ninja/posts/visitors-traffic-real-time-statistics-csrf-to-stored-xss

URL

https://plugins.trac.wordpress.org/changeset/2117152/visitors-traffic-real-time-statistics

Miscellaneous

Original Researcher

Paul Dannewitz

Submitter

Paul Dannewitz

Submitter website

https://dannewitz.ninja

Submitter twitter

Verified

No

WPVDB ID

a75eb0ac-a87a-4324-9d59-31ee1e211647

Timeline

Publicly Published

2019-07-03 (about 6 years ago)

Added

2019-07-04 (about 6 years ago)

Last Updated

2020-12-26 (about 5 years ago)

Other

Published

Title

Published

2019-05-13

Title

Ultimate Member < 2.0.46 - Multiple Vulnerabilities

Published

2014-12-20

Title

Post to Twitter <= 0.7 - CSRF & XSS

Published

2015-07-01

Title

Powerplay Gallery - Arbitrary File Upload & SQL Injection

Published

2017-10-10

Title

My WP Translate < 1.0.4 - CSRF & XSS

Published

2016-02-08

Title

Booking Calendar Contact Form < 1.0.24 - XSS & SQL Injection