Lucene search
K

191 matches found

CVE
CVE
added 2025/12/19 8:23 a.m.14 views

CVE-2025-14151

CVE-2025-14151 affects SlimStat Analytics for WordPress. The vulnerability is a Stored XSS via the outbound_resource attribute in the slimtrack AJAX action in all versions up to 5.3.2, caused by insufficient input sanitization and output escaping. Unauthenticated attackers can inject scripts that...

7.2CVSS4.9AI score0.00377EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/19 8:23 a.m.26 views

CVE-2025-14151 SlimStat Analytics <= 5.3.2 - Unauthenticated Stored Cross-Site Scripting

The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'outboundresource' parameter in the slimtrack AJAX action in all versions up to, and including, 5.3.2. This is due to insufficient input sanitization and output escaping on user supplied attributes...

7.2CVSS0.00377EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/19 8:23 a.m.4 views

CVE-2025-14151 SlimStat Analytics <= 5.3.2 - Unauthenticated Stored Cross-Site Scripting

The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'outboundresource' parameter in the slimtrack AJAX action in all versions up to, and including, 5.3.2. This is due to insufficient input sanitization and output escaping on user supplied attributes...

7.2CVSS4.9AI score0.00377EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/19 8:23 a.m.3 views

EUVD-2025-204479

The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'outboundresource' parameter in the slimtrack AJAX action in all versions up to, and including, 5.3.2. This is due to insufficient input sanitization and output escaping on user supplied attributes...

6.1CVSS4.8AI score0.00377EPSS
Exploits0References5
Patchstack
Patchstack
added 2025/12/19 7:32 a.m.6 views

WordPress SlimStat Analytics plugin <= 5.3.2 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Supakiad S. m3ez - E-CQURITY Thailand in WordPress Plugin Slimstat Analytics versions = 5.3.2...

6.1CVSS5.6AI score0.00377EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/12/19 12:0 a.m.7 views

WordPress plugin SlimStat Analytics 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A cross-site scripti...

7.2CVSS5.8AI score0.00377EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/12/19 12:0 a.m.5 views

PT-2025-52436

The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'outbound resource' parameter in the slimtrack AJAX action in all versions up to, and including, 5.3.2. This is due to insufficient input sanitization and output escaping on user supplied attributes...

6.1CVSS5.2AI score0.00377EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-38118

Malicious code in bioql PyPI...

6.5CVSS7.5AI score0.00487EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-54452

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.0045EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-54451

Malicious code in bioql PyPI...

8.8CVSS7AI score0.00916EPSS
Exploits4References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-48263

Malicious code in bioql PyPI...

7.1CVSS7AI score0.0041EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-50003

Malicious code in bioql PyPI...

7.2CVSS6.4AI score0.00496EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2023-54450

Malicious code in bioql PyPI...

6.4CVSS6.8AI score0.00576EPSS
Exploits2References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-45232

Malicious code in bioql PyPI...

5.9CVSS5.9AI score0.00354EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-51665

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00642EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-48270

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00517EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-16848

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.00452EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 9:41 a.m.15 views

CVE-2024-1073

The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'filterarray' parameter in all versions up to, and including, 5.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-leve...

6.4CVSS5.8AI score0.00452EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:55 a.m.7 views

CVE-2023-0630

The Slimstat Analytics WordPress plugin before 4.9.3.3 does not prevent subscribers from rendering shortcodes that concatenates attributes directly into an SQL query...

8.8CVSS9AI score0.05141EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:3 a.m.9 views

CVE-2023-33994

Missing Authorization vulnerability in VeronaLabs Slimstat Analytics wp-slimstat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slimstat Analytics: from n/a through = 5.0.5.1...

6.5CVSS7.1AI score0.00487EPSS
Exploits0References1
Rows per page
Query Builder