Known Vulnerabilities for products from Veronalabs
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Veronalabs".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-55716 json | Not Provided | 2025-08-14 | 2026-04-01 | |
| CVE-2023-32742 json | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in VeronaLabs WP SMS plugin <= 6.1.4 versions. | 6.1 - MEDIUM | 2023-08-30 | 2023-08-31 |
| CVE-2023-27447 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-12-28 | 2024-01-04 |
| CVE-2023-6981 json | The WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc plugin for WordPress is vulnerable ... | Not Provided | 2024-01-03 | 2026-04-08 |
| CVE-2023-6980 json | The WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc plugin for WordPress is vulnerable ... | Not Provided | 2024-01-03 | 2026-04-08 |
| CVE-2023-0955 json | The WP Statistics WordPress plugin before 14.0 does not escape a parameter, which could allow authenticated users to perform ... | 8.8 - HIGH | 2023-03-27 | 2023-11-07 |
| CVE-2022-38074 json | SQL Injection vulnerability in VeronaLabs WP Statistics plugin <= 13.2.10 versions. | 8.8 - HIGH | 2023-03-13 | 2023-11-07 |
| CVE-2022-27231 json | Cross-site scripting vulnerability exists in WP Statistics versions prior to 13.2.0 because it improperly processes a platfor... | 6.1 - MEDIUM | 2022-06-13 | 2022-06-17 |
| CVE-2022-25307 json | The WP Statistics WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the... | 6.1 - MEDIUM | 2022-02-24 | 2022-03-03 |
| CVE-2022-25306 json | The WP Statistics WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the... | 6.1 - MEDIUM | 2022-02-24 | 2022-03-03 |
| CVE-2022-25305 json | The WP Statistics WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the... | 6.1 - MEDIUM | 2022-02-24 | 2022-03-03 |
| CVE-2022-25149 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-02-24 | 2022-03-03 |
| CVE-2022-25148 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-02-24 | 2024-01-25 |
| CVE-2022-4230 json | The WP Statistics WordPress plugin before 13.2.9 does not escape a parameter, which could allow authenticated users to perfor... | 8.8 - HIGH | 2023-01-23 | 2023-11-07 |
| CVE-2022-1005 json | The WP Statistics WordPress plugin before 13.2.2 does not sanitise the REQUEST_URI parameter before outputting it back in the... | 6.1 - MEDIUM | 2022-06-08 | 2022-06-17 |
| CVE-2022-0651 json | The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the cu... | 7.5 - HIGH | 2022-02-24 | 2022-03-03 |
| CVE-2022-0513 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-02-16 | 2022-02-24 |
| CVE-2021-24561 json | The WP SMS WordPress plugin before 5.4.13 does not sanitise the "wp_group_name" parameter before outputting it back in the "G... | 5.4 - MEDIUM | 2021-08-23 | 2021-08-30 |
| CVE-2021-24340 json | The WP Statistics WordPress plugin before 13.0.8 relied on using the WordPress esc_sql() function on a field not delimited by... | 7.5 - HIGH | 2021-06-07 | 2021-06-14 |
| CVE-2021-4333 json | The WP Statistics plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 13.1.1. ... | Not Provided | 2023-03-07 | 2026-04-08 |
Known software with vulnerabilities from Veronalabs
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Veronalabs | Wp Statistics | 1.0 |