WordPress Visitor Statistics plugin through 5.7 contains multiple unauthenticated SQL injection vulnerabilities. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.
View the template here CVE-2022-33965.yaml
References:
https://wordpress.org/plugins/wp-stats-manager/