WordPress Goal Tracker – Custom Event Tracking for GA4 plugin <= 1.1.5 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Goal Tracker - Custom Event Tracking for GA4 versions = 1.1.5...

CVE-2025-48305

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in vikingjs Goal Tracker for Patreon goal-tracker-for-patreon allows Stored XSS.This issue affects Goal Tracker for Patreon: from n/a through = 0.4.6...

CVE-2025-48305

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in vikingjs Goal Tracker for Patreon goal-tracker-for-patreon allows Stored XSS.This issue affects Goal Tracker for Patreon: from n/a through = 0.4.6...

CVE-2025-48305 WordPress Goal Tracker for Patreon plugin <= 0.4.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in vikingjs Goal Tracker for Patreon allows Stored XSS. This issue affects Goal Tracker for Patreon: from n/a through 0.4.6...

CVE-2025-48305

CVE-2025-48305 affects the WordPress plugin Goal Tracker for Patreon (versions up to 0.4.6) with a stored XSS due to improper input neutralization during web page generation. Connected sources corroborate the vulnerability type (Stored XSS) and affected version range, and Patchstack/PTSecurity gu...

CVE-2025-48305 WordPress Goal Tracker for Patreon plugin <= 0.4.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in vikingjs Goal Tracker for Patreon goal-tracker-for-patreon allows Stored XSS.This issue affects Goal Tracker for Patreon: from n/a through = 0.4.6...

WordPress plugin Goal Tracker for Patreon 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

PT-2025-34994

Name of the Vulnerable Software and Affected Versions: vikingjs Goal Tracker for Patreon versions through 0.4.6 Description: The application suffers from a Stored Cross-Site Scripting XSS issue due to improper neutralization of input during web page generation. This allows for the injection of...

WordPress Goal Tracker for Patreon plugin <= 0.4.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Vinit Lakra Patchstack Alliance in WordPress Plugin Goal Tracker for Patreon versions = 0.4.6...

WordPress Goal Tracker - Custom Event Tracking for GA4 Plugin < 1.0.11 is vulnerable to Cross Site Scripting (XSS)

Software Goal Tracker - Custom Event Tracking for GA4 Type Plugin Vulnerable versions 1.0.11 Fixed in 1.0.11 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e97011f95aa7 Credits Raf...

7 Weeks - Habit & Goal Tracker - Exported ContentProvider, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application 7 Weeks - Habit & Goal Tracker published at the 'play' market has multiple vulnerabilities...