The /1/api/ulisting-page-statistics/listing REST route did not sanitise or escape the listing_id and user_id GET parameters before using them in a SQL statement, leading to an SQL Injection issue. The plugin also did not sanitise or escape the HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR headers, which are then used in a SQL statement. As these headers can be spoofed/forged by the client, unauthenticated users could perform SQL Injection.
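The defensive pattern for the two flaws described above, as an added example that is not the uListing plugin's own code: integer coercion and `$wpdb->prepare()` for the id parameters, and IP-address validation before any proxy header reaches SQL. The route callback, table name and `example_` helper names are hypothetical; `$wpdb`, `absint()`, `filter_var()`, `WP_Error` and `rest_ensure_response()` are real WordPress/PHP APIs.

```php
<?php
// Added example, not the plugin's code. Hypothetical table and function names.

function example_client_ip() {
    // HTTP_CLIENT_IP / HTTP_X_FORWARDED_FOR are attacker-controlled request
    // headers; only honour them behind a trusted reverse proxy, and in every
    // case validate the value as an IP before it goes anywhere near SQL.
    foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'REMOTE_ADDR') as $key) {
        if (empty($_SERVER[$key])) {
            continue;
        }
        // X-Forwarded-For may carry a comma-separated hop chain; take the first.
        $candidate = trim(explode(',', $_SERVER[$key])[0]);
        if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
            return $candidate;
        }
    }
    return '0.0.0.0'; // nothing valid: store a placeholder rather than raw input
}

function example_listing_statistics(WP_REST_Request $request) {
    global $wpdb;

    // Unsafe pattern from the advisory: interpolating $_GET['listing_id'],
    // $_GET['user_id'] and the IP headers straight into the SQL string.
    // Hardened form: coerce the ids to integers and bind every value.
    $listing_id = absint($request->get_param('listing_id'));
    $user_id    = absint($request->get_param('user_id'));
    $ip         = example_client_ip();

    if ($listing_id === 0) {
        return new WP_Error('invalid_listing', 'listing_id must be a positive integer',
            array('status' => 400));
    }

    $table = $wpdb->prefix . 'example_listing_statistics'; // hypothetical table
    $sql   = $wpdb->prepare(
        "SELECT COUNT(*) FROM {$table} WHERE listing_id = %d AND user_id = %d AND ip = %s",
        $listing_id,
        $user_id,
        $ip
    );

    return rest_ensure_response(array('views' => (int) $wpdb->get_var($sql)));
}
```

Because `%d` placeholders force integers and `%s` values are quoted and escaped by `prepare()`, a crafted `listing_id` or forged `X-Forwarded-For` value can no longer alter the statement's structure.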
2021-01-28 (about 2 years ago)
2021-01-28 (about 2 years ago)
2021-01-29 (about 2 years ago)