cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2016-15040,https://securityvulnerability.io/vulnerability/CVE-2016-15040,Unauthorized SQL Query Injection Vulnerability in View Counter plugin for WordPress,"The Kento Post View Counter plugin for WordPress contains a vulnerability that exposes it to SQL Injection attacks. Specifically, the 'kento_pvc_geo' parameter is susceptible due to inadequate escaping of user-supplied input and insufficient preparation in the SQL query. This allows unauthenticated attackers to inject malicious SQL queries into existing ones, potentially leading to unauthorized access and extraction of sensitive data from the database. Users of the affected plugin version 2.8 and earlier should take immediate action to secure their installations.",Wordpress,Kento Post View Counter,9.8,CRITICAL,0.0004299999854993075,false,,false,false,false,,false,false,2024-10-16T06:43:31.617Z,0
CVE-2016-10982,https://securityvulnerability.io/vulnerability/CVE-2016-10982,,The kento-post-view-counter plugin through 2.8 for WordPress has wp-admin/admin.php?page=kentopvc_settings CSRF.,Wordpress,Kento-post-view-counter,8.8,HIGH,0.003719999920576811,false,,false,false,false,,false,false,2019-09-17T14:17:06.000Z,0
CVE-2016-10981,https://securityvulnerability.io/vulnerability/CVE-2016-10981,,"The kento-post-view-counter plugin through 2.8 for WordPress has stored XSS via kento_pvc_numbers_lang, kento_pvc_today_text, or kento_pvc_total_text.",Wordpress,Kento-post-view-counter,6.1,MEDIUM,0.0014400000218302011,false,,false,false,false,,false,false,2019-09-17T14:15:21.000Z,0
CVE-2016-10980,https://securityvulnerability.io/vulnerability/CVE-2016-10980,,The kento-post-view-counter plugin through 2.8 for WordPress has XSS via kento_pvc_geo.,Wordpress,Kento-post-view-counter,6.1,MEDIUM,0.0014400000218302011,false,,false,false,false,,false,false,2019-09-17T14:14:45.000Z,0