PT-2023-31106 · Getsocial.Io · Social Share Buttons & Analytics Plugin

Name of the Vulnerable Software and Affected Versions: Social Share Buttons & Analytics Plugin – GetSocial.Io versions n/a through 4.3.12 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XS...

WordPress Plugin Article Analytics Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

PT-2023-32231 · WordPress · Article Analytics Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Article Analytics WordPress plugin affected versions not specified Description: The issue arises from the plugin's failure to properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action. This AJAX action is...

CVE-2023-45057

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Hitsteps Web Analytics plugin = 5.86 versions...

CVE-2023-45268

Cross-Site Request Forgery CSRF vulnerability in Hitsteps Hitsteps Web Analytics plugin = 5.86 versions...

CVE-2023-45268

Cross-Site Request Forgery CSRF vulnerability in Hitsteps Hitsteps Web Analytics plugin = 5.86 versions...

WordPress plugin Slimstat Analytics SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exists i...

CVE-2022-45366

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Jason Crouse, VeronaLabs Slimstat Analytics plugin = 5.0.4 versions...

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Jason Crouse, VeronaLabs Slimstat Analytics plugin = 5.0.4 versions...

CVE-2022-45366

CVE-2022-45366 – WordPress Slimstat Analytics (plugin)

CVE-2022-47587

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Cornel Raiu WP Search Analytics plugin = 1.4.5 versions...

CVE-2022-37402

Stored Cross-site Scripting XSS vulnerability in AFS Analytics plugin = 4.18 versions...

CVE-2022-37402 WordPress AFS Analytics Plugin <= 4.18 is vulnerable to Cross Site Scripting (XSS)

Stored Cross-site Scripting XSS vulnerability in AFS Analytics plugin = 4.18 versions...

CVE-2022-37402 WordPress AFS Analytics Plugin <= 4.18 is vulnerable to Cross Site Scripting (XSS)

Stored Cross-site Scripting XSS vulnerability in AFS Analytics plugin = 4.18 versions...

CVE-2022-37402

Summary: CVE-2022-37402 is a stored XSS vulnerability in the WordPress AFS Analytics plugin, affecting versions up to 4.18. The root cause is a stored cross-site scripting flaw in the plugin’s handling of input, enabling scripts to be saved and executed in a user’s browser. Impact (as described i...

CVE-2021-41836

The Fathom Analytics WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and escaping via the $siteid parameter found in the /fathom-analytics.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versio...

WordPress 插件跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the Google Analytics plugin for WordPress, versions...

CVE-2016-10912

The CVE concerns the WordPress universal-analytics plugin, specifically versions before 1.3.1, which are reported to be vulnerable to cross-site scripting (XSS). The affected component is the universal-analytics plugin for WordPress; the root cause is not spelled out beyond the XSS description in...

WordPress Plugin Add Code To Head upsite_analytics_plugin SQL Injection Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the WordPress plugin Add Code To Head upsiteanalyticsplugin. The vulnerability is...

Slimstat Analytics Plugin for WordPress < 4.7.1 PHP Object Injection

According to its self-reported version, the Slimstat Analytics Plugin for WordPress running on the remote web server is prior to 4.7.1. It is, therefore, affected by a PHP object injection vulnerability. An authenticated, remote attacker can exploit this issue to inject PHP objects and execute...