3 matches found
CVE-2024-1073
The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'filterarray' parameter in all versions up to, and including, 5.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-leve...
CVE-2024-1073
The CVE-2024-1073 entry concerns the SlimStat Analytics WordPress plugin (versions up to 5.1.3). The root cause is insufficient input sanitization and output escaping in the filter_array parameter, enabling stored Cross-Site Scripting. Authenticated attackers with subscriber-level access and abov...
WordPress Slimstat Analytics Plugin <= 5.1.3 is vulnerable to Cross Site Scripting (XSS)
Software Slimstat Analytics Type Plugin Vulnerable versions = 5.1.3 Fixed in 5.1.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1073 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID d8755898281f Credits Lucio Sá Requir...