WordPress plugin Social Analytics 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

WordPress Show Analytics widget plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2024-51700 WordPress NAVER Analytics plugin <= 0.9 - CSRF to Stored XSS vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in eutrue NAVER Analytics naver-analytics allows Stored XSS.This issue affects NAVER Analytics: from n/a through = 0.9...

CVE-2024-51700

CVE-2024-51700 is a cross-site request forgery to stored cross-site scripting vulnerability affecting NAVER Analytics (versions up to 0.9, has been unpatched per ENISA/EUVD entry). Connected EUVD-2024-45791 notes malicious code in NAVER Analytics (PyPI bioql unrelated to NAVER) but reiterates NAV...

WordPress plugin Matomo Analytics 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

CVE-2023-33994 WordPress Slimstat Analytics plugin <= 5.0.5.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in VeronaLabs Slimstat Analytics wp-slimstat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slimstat Analytics: from n/a through = 5.0.5.1...

WordPress plugin Advanced Video Player with Analytics 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Advanced Video Player with Analytics plugin <= 1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Advanced Video Player with Analytics versions = 1...

WordPress Advanced Video Player with Analytics Plugin <= 1 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Video Player with Analytics Type Plugin Vulnerable versions = 1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51824 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f152b96175b2 Credits SOPROBRO Required...

WordPress plugin QA Analytics 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress QA Analytics plugin <= 4.1.1.1 - Missing Authorization to Authenticated (Subscriber+) Settings Update vulnerability

Missing Authorization to Authenticated Subscriber+ Settings Update vulnerability discovered by Peter Thaleikis in WordPress Plugin QA Analytics versions = 4.1.1.1...

WordPress WP Search Analytics plugin <= 1.4.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin WP Search Analytics versions = 1.4.9...

WordPress Matomo Analytics plugin <= 5.1.1 - Cross Site Request Forgery (CSRF) leading to Notice Dismissal vulnerability

Cross Site Request Forgery CSRF leading to Notice Dismissal vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Matomo Analytics versions = 5.1.1...

Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics < 3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

GoCD: XSS in GOCD Analytics Plugin

The vulnerability was discovered in the GOCD Analytics Plugin, specifically in the info-message.js file. The vulnerability allowed for Cross-Site Scripting XSS attacks by injecting malicious code through the ?msg= parameter. The vulnerable code failed to properly sanitize the user-supplied input,...

WordPress HT Easy GA4 ( Google Analytics 4 ) Plugin <= 1.1.9 is vulnerable to Broken Access Control

Software HT Easy GA4 Google Analytics 4 Type Plugin Vulnerable versions = 1.1.9 Fixed in 1.2.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1176 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID e56dad603800 Credits Francesco...

CVE-2024-23905

Jenkins Red Hat Dependency Analytics Plugin 0.7.1 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download...

CVE-2024-23905

Jenkins Red Hat Dependency Analytics Plugin 0.7.1 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download...

CVE-2023-28788

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress: from n/a...

CVE-2023-49189

CVE-2023-49189 is a Stored XSS in WordPress plugin Social Share Buttons & Analytics Plugin – GetSocial.io (GetSocial)