PT-2025-22034 · Unknown · Analyticswp

Name of the Vulnerable Software and Affected Versions: AnalyticsWP versions 2.0.0 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For AnalyticsWP versions 2.0.0 and...

PT-2025-17526 · Solid Plugins · Analyticswp

Name of the Vulnerable Software and Affected Versions: AnalyticsWP versions 2.1.2 and earlier Description: The issue allows exposure of sensitive system information to an unauthorized control sphere, enabling the retrieval of embedded sensitive data. Recommendations: For AnalyticsWP versions 2.1....

WordPress AnalyticsWP <= 2.1.2 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin AnalyticsWP versions = 2.1.2...

WordPress AnalyticsWP plugin <= 2.1.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin AnalyticsWP versions = 2.1.2...

CVE-2024-13321

The AnalyticsWP plugin for WordPress is vulnerable to SQL Injection via the 'customsql' parameter in all versions up to, and including, 2.0.0 due to insufficient authorization checks on the handlegetstats function. This makes it possible for unauthenticated attackers to append additional SQL...

CVE-2024-13321

The AnalyticsWP plugin for WordPress is vulnerable to SQL Injection via the 'customsql' parameter in all versions up to, and including, 2.0.0 due to insufficient authorization checks on the handlegetstats function. This makes it possible for unauthenticated attackers to append additional SQL...

CVE-2024-13321

CVE-2024-13321 affects AnalyticsWP for WordPress. A SQL Injection via the custom_sql parameter exists in all versions up to 2.0.0 due to insufficient authorization checks in handle_get_stats(), enabling unauthenticated queries to access data. The vulnerability is publicly documented and has a pat...

CVE-2024-13321 AnalyticsWP <= 2.0.0 - Unauthenticated SQL Injection

The AnalyticsWP plugin for WordPress is vulnerable to SQL Injection via the 'customsql' parameter in all versions up to, and including, 2.0.0 due to insufficient authorization checks on the handlegetstats function. This makes it possible for unauthenticated attackers to append additional SQL...

CVE-2024-13321 AnalyticsWP <= 2.0.0 - Unauthenticated SQL Injection

The AnalyticsWP plugin for WordPress is vulnerable to SQL Injection via the 'customsql' parameter in all versions up to, and including, 2.0.0 due to insufficient authorization checks on the handlegetstats function. This makes it possible for unauthenticated attackers to append additional SQL...

WordPress plugin AnalyticsWP SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

WordPress AnalyticsWP plugin <= 2.0.0 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin AnalyticsWP versions = 2.0.0...