Lucene search
K

133 matches found

Cvelist
Cvelist
added 2024/08/26 8:49 p.m.37 views

CVE-2024-43265 WordPress Analytify plugin <= 5.3.1 - CSRF Leading to Optout Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Analytify.This issue affects Analytify: from n/a through 5.3.1...

4.3CVSS0.00167EPSS
Exploits0References1
CVE
CVE
added 2024/08/26 8:49 p.m.60 views

CVE-2024-43265

CVE-2024-43265 describes a Cross-Site Request Forgery vulnerability in WordPress plugin Analytify (versions up to 5.3.1). Exploitation could allow an attacker to induce users to opt-out of analytics without their knowledge. The connected records indicate this vulnerability is real and that a patc...

4.3CVSS7AI score0.00167EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/08/26 12:0 a.m.4 views

WordPress plugin Analytify 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...

4.3CVSS6.6AI score0.00167EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/08/12 2:2 p.m.10 views

WordPress Analytify plugin <= 5.3.1 - CSRF Leading to Optout Vulnerability

CSRF Leading to Optout Vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Analytify versions = 5.3.1...

4.3CVSS6.9AI score0.00167EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/08/12 12:0 a.m.23 views

WordPress Analytify Plugin <= 5.3.1 is vulnerable to Broken Access Control

Software Analytify Type Plugin Vulnerable versions = 5.3.1 Fixed in 5.4.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43265 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1206608342d9 Credits Dhabaleshwar Das Required privilege...

4.3CVSS6.6AI score0.00167EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/12 12:0 a.m.14 views

Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy) < 5.2.4 - Cross-Site Request Forgery

Description The Analytify – Google Analytics Dashboard For WordPress GA4 analytics made easy plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.2.3. This is due to missing or incorrect nonce validation on the wpacheckauthentication function...

8.8CVSS6.6AI score0.00202EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/06/08 3:15 p.m.2 views

CVE-2024-35689

Cross-Site Request Forgery CSRF vulnerability in Analytify.This issue affects Analytify: from n/a through 5.2.3...

8.8CVSS5.8AI score0.00202EPSS
Exploits0References1
NVD
NVD
added 2024/06/08 3:15 p.m.25 views

CVE-2024-35689

Cross-Site Request Forgery CSRF vulnerability in Analytify.This issue affects Analytify: from n/a through 5.2.3...

8.8CVSS0.00202EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/08 2:39 p.m.31 views

CVE-2024-35689 WordPress Analytify plugin <= 5.2.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Analytify.This issue affects Analytify: from n/a through 5.2.3...

5.4CVSS0.00202EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/08 2:39 p.m.14 views

CVE-2024-35689 WordPress Analytify plugin <= 5.2.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Analytify.This issue affects Analytify: from n/a through 5.2.3...

5.4CVSS7AI score0.00202EPSS
Exploits0References1
CVE
CVE
added 2024/06/08 2:39 p.m.62 views

CVE-2024-35689

Technical details for CVE-2024-35689 are not provided in the supplied documents; no specific affected versions, exploit vectors, or fixes are stated. Monitor for updates from vendors and CVE databases.

8.8CVSS6.3AI score0.00202EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/06/08 12:0 a.m.3 views

WordPress plugin Analytify Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site...

8.8CVSS6.8AI score0.00202EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/06/08 12:0 a.m.6 views

PT-2024-26637 · Analytify · Analytify

Name of the Vulnerable Software and Affected Versions: Analytify versions prior to 5.2.4 Description: A Cross-Site Request Forgery CSRF issue affects Analytify, allowing unauthorized actions to be performed on behalf of a user without their knowledge. Recommendations: For versions prior to 5.2.4,...

8.8CVSS6.9AI score0.00202EPSS
Exploits0References7
Patchstack
Patchstack
added 2024/06/06 9:49 a.m.4 views

WordPress Analytify plugin <=5.2.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Majed Refaea in WordPress Plugin Analytify versions = 5.2.3...

8.8CVSS7AI score0.00202EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/06/06 12:0 a.m.19 views

WordPress Analytify Plugin <= 5.2.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Analytify Type Plugin Vulnerable versions = 5.2.3 Fixed in 5.2.4 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-35689 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 4a532a64f850 Credits Majed Refaea Required...

8.8CVSS6.6AI score0.00202EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/05/02 5:15 p.m.11 views

CVE-2024-1809

The Analytify – Google Analytics Dashboard For WordPress GA4 analytics made easy plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on AJAX functions in combination with nonce leakage in all versions up to, and including, 5.2.3. This makes it...

5.4CVSS5.3AI score0.00293EPSS
Exploits0References2
OSV
OSV
added 2024/05/02 5:15 p.m.3 views

CVE-2024-1809

The Analytify – Google Analytics Dashboard For WordPress GA4 analytics made easy plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on AJAX functions in combination with nonce leakage in all versions up to, and including, 5.2.3. This makes it...

5.4CVSS5.8AI score0.00293EPSS
Exploits0References2
NVD
NVD
added 2024/05/02 5:15 p.m.18 views

CVE-2024-1584

The Analytify – Google Analytics Dashboard For WordPress GA4 analytics made easy plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpacheckauthentication' function in all versions up to, and including, 5.2.1. This makes it possible f...

5.3CVSS5AI score0.00435EPSS
Exploits0References2
OSV
OSV
added 2024/05/02 5:15 p.m.1 views

CVE-2024-1584

The Analytify – Google Analytics Dashboard For WordPress GA4 analytics made easy plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpacheckauthentication' function in all versions up to, and including, 5.2.1. This makes it possible f...

5.3CVSS5.8AI score0.00435EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/02 4:52 p.m.18 views

CVE-2024-1809 Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy) <= 5.2.3 - Missing Authorization

The Analytify – Google Analytics Dashboard For WordPress GA4 analytics made easy plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on AJAX functions in combination with nonce leakage in all versions up to, and including, 5.2.3. This makes it...

5.4CVSS6.2AI score0.00293EPSS
Exploits0References2
Rows per page
Query Builder