📦 Koko Analytics

Koko Analytics WordPress plugin versions before 2.1.3 allow arbitrary SQL execution through unescaped analytics data and permissive SQL import functionality. Unauthenticated attackers can inject malic...

The Koko Analytics WordPress plugin contains a reflected cross-site scripting (XSS) vulnerability that allows unauthenticated attackers to inject malicious scripts via crafted URLs. When victims click...