Lucene search
K

39 matches found

OSV
OSV
added 2024/05/02 5:15 p.m.1 views

CVE-2024-1584

The Analytify – Google Analytics Dashboard For WordPress GA4 analytics made easy plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpacheckauthentication' function in all versions up to, and including, 5.2.1. This makes it possible f...

5.3CVSS5.8AI score0.00435EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/02 4:52 p.m.10 views

CVE-2024-1809

The Analytify – Google Analytics Dashboard For WordPress GA4 analytics made easy plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on AJAX functions in combination with nonce leakage in all versions up to, and including, 5.2.3. This makes it...

5.4CVSS6.3AI score0.00293EPSS
Exploits0References2
CVE
CVE
added 2024/05/02 4:51 p.m.52 views

CVE-2024-1584

CVE-2024-1584 affects Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy). The issue is a missing capability check in wpa_check_authentication across all versions up to 5.2.1, enabling unauthorized modification of the site’s Google Analytics tracking ID by unauthenticat...

5.3CVSS6.5AI score0.00435EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/05/02 12:0 a.m.5 views

PT-2024-18325 · WordPress · Analytify – Google Analytics Dashboard For Wordpress

Name of the Vulnerable Software and Affected Versions: The Analytify – Google Analytics Dashboard For WordPress plugin for WordPress versions up to, and including, 5.2.3 Description: The issue allows authenticated attackers with subscriber access or higher to obtain certain sensitive information...

5.4CVSS6.1AI score0.00293EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.5 views

WordPress plugin Analytify 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.4CVSS6.4AI score0.00293EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.5 views

WordPress plugin Analytify 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.2AI score0.00435EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/05/01 12:0 a.m.8 views

The vulnerability of the wpa_check_authentication() function in the Analytify plugin of the WordPress content management system allows a hacker to modify the Google Analytics tracking identifier of the website.

The vulnerability of the wpacheckauthentication function in the Analytify plugin of the WordPress content management system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to modify the Google Analytics tracking identifier of t...

5.3CVSS5.4AI score0.00435EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/04/29 12:0 p.m.4 views

WordPress Analytify plugin <= 5.2.1 - Missing Authorization to Unauthenticated Google Analytics Tracking ID Modification vulnerability

Missing Authorization to Unauthenticated Google Analytics Tracking ID Modification vulnerability discovered by Francesco Carlucci in WordPress Plugin Analytify versions = 5.2.3...

5.3CVSS7AI score0.00435EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/04/29 12:0 a.m.9 views

WordPress Analytify Plugin <= 5.2.3 is vulnerable to Broken Access Control

Software Analytify Type Plugin Vulnerable versions = 5.2.3 Fixed in 5.2.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1809 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID ab2e692a810a Credits Lucio Sá Required privilege Subscrib...

5.4CVSS6.6AI score0.00293EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/09/05 12:0 a.m.19 views

WordPress Analytify Plugin <= 5.1.0 is vulnerable to Broken Access Control

Software Analytify Type Plugin Vulnerable versions = 5.1.0 Fixed in 5.1.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-41695 Patch priority Low CVSS severity Low 3.5 Developer Claim ownership PSID cd9a143f3c57 Credits Abdi Pranata Required privilege...

6.6AI score0.00444EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/11/08 7:15 p.m.4 views

CVE-2022-38137

Cross-Site Request Forgery CSRF vulnerability in Analytify plugin = 4.2.2 on WordPress...

8.8CVSS5.8AI score0.00301EPSS
Exploits0References2
NVD
NVD
added 2022/11/08 7:15 p.m.18 views

CVE-2022-38137

Cross-Site Request Forgery CSRF vulnerability in Analytify plugin = 4.2.2 on WordPress...

8.8CVSS0.00301EPSS
Exploits0References2
Prion
Prion
added 2022/11/08 7:15 p.m.14 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Analytify plugin = 4.2.2 on WordPress...

6.8CVSS8.8AI score0.00301EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/08 6:32 p.m.9 views

CVE-2022-38137 WordPress Analytify plugin <= 4.2.2 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Analytify plugin = 4.2.2 on WordPress...

4.3CVSS5.8AI score0.00301EPSS
Exploits0References2
CVE
CVE
added 2022/11/08 6:32 p.m.66 views

CVE-2022-38137

The CVE-2022-38137 issue affects the WordPress Analytify plugin, specifically versions

8.8CVSS6.5AI score0.00301EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/08 12:0 a.m.4 views

PT-2022-24230 · WordPress · Analytify

Name of the Vulnerable Software and Affected Versions: Analytify plugin versions = 4.2.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the user is authenticated to...

8.8CVSS8.5AI score0.00301EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/11/08 12:0 a.m.4 views

WordPress plugin Analytify 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

8.8CVSS7.7AI score0.00301EPSS
Exploits0References3
Patchstack
Patchstack
added 2022/09/29 12:0 a.m.31 views

WordPress Analytify plugin <= 4.2.2 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability leading to Cache Deletion discovered by Muhammad Daffa Patchstack Alliance in WordPress Analytify plugin versions = 4.2.2 Solution Update the WordPress Analytify plugin to the latest available version at least 4.2.3...

8.8CVSS4.2AI score0.00301EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2022/08/06 12:0 a.m.6 views

WordPress plugin Analytify 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

9.8CVSS5.5AI score0.00378EPSS
Exploits0References1
Rows per page
Query Builder