WordPress · Wp Visitor Statistics · CVE-2023-0600
**Name of the Vulnerable Software and Affected Versions**
WP Visitor Statistics (Real Time Traffic) versions prior to 6.9
**Description**
The issue allows unauthenticated visitors to conduct SQL Injection attacks due to the plugin not escaping user input which is concatenated to an SQL query.
**Recommendations**
For versions prior to 6.9, update to version 6.9 or later to resolve the issue.