cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-0206,https://securityvulnerability.io/vulnerability/CVE-2022-0206,NewStatPress < 1.3.6 - Reflected Cross-Site Scripting,"The NewStatPress WordPress plugin before 1.3.6 does not properly escape the whatX parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues",Wordpress,Newstatpress,6.1,MEDIUM,0.0011699999449774623,false,,false,false,false,,false,false,2022-02-14T09:21:05.000Z,0
CVE-2017-18575,https://securityvulnerability.io/vulnerability/CVE-2017-18575,,The newstatpress plugin before 1.2.5 for WordPress has multiple stored XSS issues.,Wordpress,Newstatpress,6.1,MEDIUM,0.0005799999926239252,false,,false,false,false,,false,false,2019-08-22T12:59:44.000Z,0
CVE-2015-9311,https://securityvulnerability.io/vulnerability/CVE-2015-9311,,The newstatpress plugin before 1.0.6 for WordPress has reflected XSS.,Wordpress,Newstatpress,6.1,MEDIUM,0.0005799999926239252,false,,false,false,false,,false,false,2019-08-14T14:54:52.000Z,0
CVE-2015-9312,https://securityvulnerability.io/vulnerability/CVE-2015-9312,,The newstatpress plugin before 1.0.5 for WordPress has XSS related to an IMG element.,Wordpress,Newstatpress,6.1,MEDIUM,0.0008500000112690032,false,,false,false,false,,false,false,2019-08-14T14:54:08.000Z,0
CVE-2015-9313,https://securityvulnerability.io/vulnerability/CVE-2015-9313,,The newstatpress plugin before 1.0.5 for WordPress has SQL injection related to an IMG element.,Wordpress,Newstatpress,9.8,CRITICAL,0.0016400000313296914,false,,false,false,false,,false,false,2019-08-14T14:53:16.000Z,0
CVE-2015-9314,https://securityvulnerability.io/vulnerability/CVE-2015-9314,,The newstatpress plugin before 1.0.4 for WordPress has XSS related to the Referer header.,Wordpress,Newstatpress,6.1,MEDIUM,0.0005799999926239252,false,,false,false,false,,false,false,2019-08-14T14:52:46.000Z,0
CVE-2015-9315,https://securityvulnerability.io/vulnerability/CVE-2015-9315,,The newstatpress plugin before 1.0.1 for WordPress has SQL injection.,Wordpress,Newstatpress,9.8,CRITICAL,0.0016400000313296914,false,,false,false,false,,false,false,2019-08-14T14:51:56.000Z,0
CVE-2015-4062,https://securityvulnerability.io/vulnerability/CVE-2015-4062,,SQL injection vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the where1 parameter in the nsp_search page to wp-admin/admin.php.,Wordpress,Newstatpress,,,0.013799999840557575,false,,false,false,false,,false,false,2015-05-27T18:00:00.000Z,0
CVE-2015-4063,https://securityvulnerability.io/vulnerability/CVE-2015-4063,,Cross-site scripting (XSS) vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the where1 parameter in the nsp_search page to wp-admin/admin.php.,Wordpress,Newstatpress,,,0.024819999933242798,false,,false,false,false,,false,false,2015-05-27T18:00:00.000Z,0