WP Statistics
VeronaLabs
Developer
14.15.6
Latest version
600,000
Installations
Nov 9, 2025
Last updated
Vulnerability history
0 present
28 fixed
12 Mitigation rules
- Unauthenticated Stored Cross-Site Scripting via User-Agent Header vulnerability<= 14.15.4Sep 27, 2025
- Broken Access Control Vulnerability<= 14.15Aug 14, 2025
- Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Update vulnerability<= 14.13.3Apr 29, 2025
- Unauthenticated Stored Cross-Site Scripting vulnerability<= 14.5Mar 12, 2024
- Admin+ SQL Injection vulnerability< 14.0Mar 28, 2023
- Multiple Authenticated SQL Injection vulnerabilities<= 13.2.10Jan 31, 2023
- Authenticated SQLi vulnerability< 13.2.9Dec 27, 2022
- Authenticated Stored Cross-Site Scripting (XSS) vulnerability<= 13.2.1May 24, 2022
- Reflected Cross-Site Scripting (XSS) vulnerability<= 13.2.1May 10, 2022
- Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability<= 13.1.5Feb 17, 2022
- Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability<= 13.1.5Feb 17, 2022
- Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability<= 13.1.5Feb 17, 2022
- Unauthenticated Blind SQL Injection (SQLi) vulnerability<= 13.1.5Feb 16, 2022
- Unauthenticated Blind SQL Injection (SQLi) vulnerability<= 13.1.5Feb 16, 2022
- Unauthenticated Blind SQL Injection (SQLi) via IP vulnerability<= 13.1.5Feb 16, 2022
- Unauthenticated SQL Injection vulnerability<= 13.1.4Feb 10, 2022
- Unauthenticated Time-Based Blind SQL Injection (SQLi) vulnerability<= 13.0.7May 18, 2021
- Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability<= 12.6.6.1Jul 4, 2019
- Authenticated Stored Cross-Site Scripting (XSS) vulnerability<= 12.6.5Jun 12, 2019
- Cross-Site Scripting (XSS) vulnerability<= 12.6.3Apr 24, 2019
- Authenticated SQL Injection vulnerability<= 12.0.7Jul 1, 2017
- Reflected Cross-Site Scripting (XSS) vulnerability<= 12.0.5Apr 28, 2017
- SQL Injection<= 9.4Nov 22, 2015
- Cross Site Scripting<= 9.5.1Aug 10, 2015
- Cross Site Scripting<= 2.2.4Jun 25, 2015
- Stored & Reflected XSS<= 8.3May 15, 2015
- Stored XSS<= 8.4May 15, 2015
- Stored Cross Site Scripting<= 9.1.2May 15, 2015