What is CVE-2021-24750?

A high-severity SQL injection vulnerability exists in the WP Visitor Statistics plugin for WordPress, affecting versions prior to 4.8. Organizations should address this vulnerability promptly to prevent potential exploitation by authenticated users.

What is the severity of CVE-2021-24750?

CVE-2021-24750 has a severity rating of HIGH with a CVSS base score of 8.8.

CVE-2021-24750 | High Vulnerability in Codepress Visitor Statistics Plugin

The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 4.8 does not properly sanitise and escape the refUrl in the refDetails AJAX action. This vulnerability allows users with a role as low as subscriber to perform SQL injection attacks, posing a significant security risk. The CVSS score for this vulnerability is 8.8, indicating a high level of severity that organizations must address immediately.

Risk to organizations includes unauthorized access to sensitive data and potential manipulation of the database. With the exploitability score at 2.8, the vulnerability poses a tangible threat, especially as it can be exploited by authenticated users without requiring any user interaction.

Organizations should prioritize patching immediately to mitigate risks associated with this vulnerability. The plugin's last modified date indicates that the vulnerability has been known for some time, and defenders must act to secure their systems against potential exploitation.

The urgency for defenders is heightened due to the possibility of SQL injection attacks leading to severe data breaches or system compromises. It is crucial for organizations using the affected version of the plugin to perform immediate updates.

Vulnerability Details

The vulnerability is classified as SQL injection (CWE-89), allowing attackers to manipulate database queries. The CVSS score of 8.8 reflects the high severity of this issue, with significant impacts on confidentiality, integrity, and availability. The affected product is the WP Visitor Statistics plugin from Codepress, specifically versions prior to 4.8, published on December 21, 2021.

Technical Analysis

The root cause of this vulnerability lies in the improper sanitization and escaping of user input in the refDetails AJAX action. The attack vector is network-based, and the attack complexity is low, requiring only low privileges to exploit. User interaction is not required, which heightens the risk of exploitation. The impact on confidentiality, integrity, and availability is rated high, making this a critical vulnerability for affected users.

Risk & Impact Analysis

The deployment of this plugin in production environments poses a significant risk due to the potential for SQL injection attacks. Organizations using versions prior to 4.8 should be aware of the blast radius this vulnerability can create, as it could allow attackers to gain unauthorized access to databases containing sensitive information. The urgency of addressing this vulnerability is high, given the CVSS score and the exploitability metrics.

Exploitation Status

Signal	Status
Known Exploit	Yes
Public PoC	Yes
Actively Exploited	No
Ransomware Use	No

Affected Versions

All versions of the WP Visitor Statistics plugin prior to 4.8 are affected by this vulnerability. Organizations should ensure that their installations are updated to the latest version to mitigate this risk.

Mitigation & Remediation

Organizations should prioritize updating the WP Visitor Statistics plugin to the latest version to address this vulnerability. If an immediate update is not possible, implementing network controls and configuration hardening can provide temporary mitigation. Regular monitoring and security assessments are also recommended to identify any potential exploitation attempts.

Detection Guidance

Monitoring logs for indicators of SQL injection attempts and behavioral anomalies is crucial. Organizations should look for unusual database queries or unauthorized access patterns in their systems. System changes should be documented and reviewed regularly.

AppSecure Threat Intelligence Insight

The long-term significance of CVE-2021-24750 lies in the continuous need for secure coding practices in plugin development. This vulnerability represents a common failure in input validation and sanitization, highlighting the importance of regular security audits and testing. Security teams should learn from this incident to improve their defensive strategies and enhance vulnerability management programs.

Organizations can benefit from implementing robust penetration testing services to identify such vulnerabilities proactively. For further insights on securing applications, consider reviewing our comprehensive application security assessment strategies.

To stay ahead of potential threats, organizations should engage in red teaming services that simulate real-world attack scenarios.

Finally, organizations should consider continuous security testing to ensure ongoing protection against similar vulnerabilities in the future. This proactive approach can significantly reduce the risk of exploitation.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2021-24750: High Vulnerability in Codepress Visitor Statistics Plugin