133 matches found
CVE-2024-43265 WordPress Analytify plugin <= 5.3.1 - CSRF Leading to Optout Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Analytify.This issue affects Analytify: from n/a through 5.3.1...
CVE-2024-43265
CVE-2024-43265 describes a Cross-Site Request Forgery vulnerability in WordPress plugin Analytify (versions up to 5.3.1). Exploitation could allow an attacker to induce users to opt-out of analytics without their knowledge. The connected records indicate this vulnerability is real and that a patc...
WordPress plugin Analytify 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...
WordPress Analytify plugin <= 5.3.1 - CSRF Leading to Optout Vulnerability
CSRF Leading to Optout Vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Analytify versions = 5.3.1...
WordPress Analytify Plugin <= 5.3.1 is vulnerable to Broken Access Control
Software Analytify Type Plugin Vulnerable versions = 5.3.1 Fixed in 5.4.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43265 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1206608342d9 Credits Dhabaleshwar Das Required privilege...
Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy) < 5.2.4 - Cross-Site Request Forgery
Description The Analytify – Google Analytics Dashboard For WordPress GA4 analytics made easy plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.2.3. This is due to missing or incorrect nonce validation on the wpacheckauthentication function...
CVE-2024-35689
Cross-Site Request Forgery CSRF vulnerability in Analytify.This issue affects Analytify: from n/a through 5.2.3...
CVE-2024-35689
Cross-Site Request Forgery CSRF vulnerability in Analytify.This issue affects Analytify: from n/a through 5.2.3...
CVE-2024-35689 WordPress Analytify plugin <= 5.2.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Analytify.This issue affects Analytify: from n/a through 5.2.3...
CVE-2024-35689 WordPress Analytify plugin <= 5.2.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Analytify.This issue affects Analytify: from n/a through 5.2.3...
CVE-2024-35689
Technical details for CVE-2024-35689 are not provided in the supplied documents; no specific affected versions, exploit vectors, or fixes are stated. Monitor for updates from vendors and CVE databases.
WordPress plugin Analytify Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site...
PT-2024-26637 · Analytify · Analytify
Name of the Vulnerable Software and Affected Versions: Analytify versions prior to 5.2.4 Description: A Cross-Site Request Forgery CSRF issue affects Analytify, allowing unauthorized actions to be performed on behalf of a user without their knowledge. Recommendations: For versions prior to 5.2.4,...
WordPress Analytify plugin <=5.2.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Majed Refaea in WordPress Plugin Analytify versions = 5.2.3...
WordPress Analytify Plugin <= 5.2.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software Analytify Type Plugin Vulnerable versions = 5.2.3 Fixed in 5.2.4 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-35689 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 4a532a64f850 Credits Majed Refaea Required...
CVE-2024-1809
The Analytify – Google Analytics Dashboard For WordPress GA4 analytics made easy plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on AJAX functions in combination with nonce leakage in all versions up to, and including, 5.2.3. This makes it...
CVE-2024-1809
The Analytify – Google Analytics Dashboard For WordPress GA4 analytics made easy plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on AJAX functions in combination with nonce leakage in all versions up to, and including, 5.2.3. This makes it...
CVE-2024-1584
The Analytify – Google Analytics Dashboard For WordPress GA4 analytics made easy plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpacheckauthentication' function in all versions up to, and including, 5.2.1. This makes it possible f...
CVE-2024-1584
The Analytify – Google Analytics Dashboard For WordPress GA4 analytics made easy plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpacheckauthentication' function in all versions up to, and including, 5.2.1. This makes it possible f...
CVE-2024-1809 Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy) <= 5.2.3 - Missing Authorization
The Analytify – Google Analytics Dashboard For WordPress GA4 analytics made easy plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on AJAX functions in combination with nonce leakage in all versions up to, and including, 5.2.3. This makes it...