PT-2025-13489 · Unknown · The Visitor Counter

Published

2025-03-28

Updated

2025-03-28

CVE-2025-31449

CVSS v3.1

7.1

High

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions The Visitor Counter versions 1.4.3 and earlier

Description A Cross-Site Request Forgery (CSRF) issue in The Visitor Counter allows for Stored XSS.

Recommendations For versions 1.4.3 and earlier, update to a version that fixes the CSRF vulnerability to prevent Stored XSS attacks. As a temporary workaround, consider restricting access to sensitive areas of the application to minimize the risk of exploitation.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2025-31449

Affected Products

The Visitor Counter

PT-2025-13489 · Unknown · The Visitor Counter

CVE-2025-31449

Weakness Enumeration

Related Identifiers

Affected Products

References · 5