CVE-2025-22304
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Jan 7, 2025
CWE ID 862
Summary
CVE-2025-22304 is a Missing Authorization vulnerability identified in the WP Visitor Statistics (Real Time Traffic) plugin. This issue arises due to incorrectly configured access control security levels, enabling unauthorized access and potential exploitation. The vulnerability affects WP Visitor Statistics versions from n/a through 7.3. Successful exploitation may lead to serious data breaches or unauthorized functionality changes. It is crucial for users to update their plugin to the latest, secure version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- WP Visitor Statistics Plugin
Affected Vendors
- WordPress