{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-0405","assignerOrgId":"b15e7b5b-3da4-40ae-a43c-f7aa60e62599","state":"PUBLISHED","assignerShortName":"Wordfence","dateReserved":"2024-01-10T17:00:07.732Z","datePublished":"2024-01-17T04:32:16.771Z","dateUpdated":"2026-04-08T17:29:23.394Z"},"containers":{"cna":{"providerMetadata":{"orgId":"b15e7b5b-3da4-40ae-a43c-f7aa60e62599","shortName":"Wordfence","dateUpdated":"2026-04-08T17:29:23.394Z"},"affected":[{"vendor":"burstbv","product":"Burst Statistics – Privacy-Friendly WordPress Analytics (Google Analytics Alternative)","versions":[{"version":"0","status":"affected","lessThanOrEqual":"1.5.3","versionType":"semver"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"The Burst Statistics – Privacy-Friendly Analytics for WordPress plugin, version 1.5.3, is vulnerable to Post-Authenticated SQL Injection via multiple JSON parameters in the /wp-json/burst/v1/data/compare endpoint. Affected parameters include 'browser', 'device', 'page_id', 'page_url', 'platform', and 'referrer'. This vulnerability arises due to insufficient escaping of user-supplied parameters and the lack of adequate preparation in SQL queries. As a result, authenticated attackers with editor access or higher can append additional SQL queries into existing ones, potentially leading to unauthorized access to sensitive information from the database."}],"title":"Burst Statistics Really Simple Plugins <= 1.5.3 - Authenticated (Editor+) SQL Injection","references":[{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e349f07d-a520-4700-a6e0-25e68c1deeae?source=cve"},{"url":"https://plugins.trac.wordpress.org/browser/burst-statistics/trunk/statistics/class-statistics.php?rev=3011996#L380"},{"url":"https://plugins.trac.wordpress.org/browser/burst-statistics/trunk/statistics/class-statistics.php?rev=3011996#L926"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3020809%40burst-statistics%2Ftrunk&old=3012004%40burst-statistics%2Ftrunk&sfp_email=&sfph_mail="}],"problemTypes":[{"descriptions":[{"lang":"en","description":"CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","cweId":"CWE-89","type":"CWE"}]}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH"}}],"credits":[{"lang":"en","type":"finder","value":"Ivan Spiridonov"}],"timeline":[{"time":"2024-01-05T00:00:00.000Z","lang":"en","value":"Vendor Notified"},{"time":"2024-01-16T00:00:00.000Z","lang":"en","value":"Disclosed"}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-01T18:04:49.644Z"},"title":"CVE Program Container","references":[{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e349f07d-a520-4700-a6e0-25e68c1deeae?source=cve","tags":["x_transferred"]},{"url":"https://plugins.trac.wordpress.org/browser/burst-statistics/trunk/statistics/class-statistics.php?rev=3011996#L380","tags":["x_transferred"]},{"url":"https://plugins.trac.wordpress.org/browser/burst-statistics/trunk/statistics/class-statistics.php?rev=3011996#L926","tags":["x_transferred"]},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3020809%40burst-statistics%2Ftrunk&old=3012004%40burst-statistics%2Ftrunk&sfp_email=&sfph_mail=","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-89","lang":"en","description":"CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-05-08T15:47:02.470760Z","id":"CVE-2024-0405","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-06-02T15:06:30.290Z"}}]}}