CVE-2025-68028 WordPress GA4WP: Google Analytics for WordPress plugin <= 2.10.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Passionate Brains GA4WP: Google Analytics for WordPress ga-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GA4WP: Google Analytics for WordPress: from n/a through = 2.10.0...

CVE-2025-68028 WordPress GA4WP: Google Analytics for WordPress plugin <= 2.10.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Passionate Brains GA4WP: Google Analytics for WordPress ga-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GA4WP: Google Analytics for WordPress: from n/a through = 2.10.0...

CVE-2026-22517

CVE-2026-22517 : GA4WP (GA4WP – Google Analytics for WordPress) is affected by a Missing Authorization vulnerability. The issue affects GA4WP versions from unknown start up to and including 2.10.0. The CVSS 3.1 metrics published with the entry show a base score of 5.4 (Medium) with network attack...

WordPress GA4WP: Google Analytics for WordPress plugin <= 2.10.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin GA4WP: Google Analytics for WordPress versions = 2.10.0...

CVE-2022-3839

The Analytics for WP WordPress plugin through 1.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

PT-2022-24401 · WordPress · Analytics For Wp

Name of the Vulnerable Software and Affected Versions: Analytics for WP WordPress plugin versions 1.5.1 and earlier Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for examp...