CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

34 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-27888

Malicious code in bioql PyPI...

8.8CVSS9.2AI score0.00079EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 9:34 a.m.•2 views

CVE-2024-0250

The Analytics Insights for Google Analytics 4 AIWP WordPress plugin before 6.3 is vulnerable to Open Redirect due to insufficient validation on the redirect oauth2callback.php file. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can...

6.1CVSS6.6AI score0.21157EPSS

Exploits2References1

RedhatCVE•added 2025/05/23 2:38 a.m.•2 views

CVE-2023-23802

Cross-Site Request Forgery CSRF vulnerability in HasThemes HT Easy GA4 Google Analytics 4 plugin = 1.0.6 versions...

8.8CVSS6.9AI score0.00079EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 7:55 a.m.•20 views

CVE-2024-29094

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HasThemes HT Easy GA4 Google Analytics 4 allows Stored XSS.This issue affects HT Easy GA4 Google Analytics 4 : from n/a through 1.1.7...

7.1CVSS8.6AI score0.00126EPSS

Exploits0References1

Cvelist•added 2024/06/28 6:57 a.m.•20 views

CVE-2024-6288 Conversios.io - All-in-one Google Analytics, Pixels and Product Feed Manager for WooCommerce <= 7.1.0 - Reflected Cross-Site Scripting

The Conversios – Google Analytics 4 GA4, Meta Pixel & more Via Google Tag Manager For WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tiktokuserid’ parameter in all versions up to, and including, 7.1.0 due to insufficient input sanitization and output...

4.7CVSS0.02577EPSS

Exploits0References4

Positive Technologies•added 2024/06/28 12:0 a.m.•2 views

PT-2024-37515 · Google +1 · Google Analytics 4 +1

Name of the Vulnerable Software and Affected Versions: The Conversios – Google Analytics 4 GA4, Meta Pixel & more Via Google Tag Manager For WooCommerce plugin for WordPress versions up to, and including, 7.0.12 Description: The issue is related to Reflected Cross-Site Scripting due to insufficie...

4.7CVSS6.2AI score0.02577EPSS

Exploits0References6

WPVulnDB•added 2024/03/20 12:0 a.m.•17 views

HT Easy GA4 ( Google Analytics 4 ) < 1.1.8 - Reflected Cross-Site Scripting

Description The HT Easy GA4 Google Analytics 4 plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘functionorparam’ parameter in versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

7.1CVSS6.4AI score0.00126EPSS

Exploits0References1Affected Software1

NVD•added 2024/03/19 5:15 p.m.•13 views

CVE-2024-29094

7.1CVSS6.8AI score0.00126EPSS

Exploits0References1

CVE•added 2024/03/19 4:38 p.m.•60 views

CVE-2024-29094

CVE-2024-29094 relates to HT Easy GA4 (HasThemes) for WordPress, vulnerability type: Stored XSS due to Improper Neutralization of Input During Web Page Generation. Affected software: HT Easy GA4 (Google Analytics 4) plugin; affected range: from n/a through version 1.1.7. The impact is stored cros...

7.1CVSS8.6AI score0.00126EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/03/19 4:38 p.m.•16 views

CVE-2024-29094 WordPress HT Easy GA4 plugin <= 1.1.7 - Cross Site Scripting (XSS) vulnerability

7.1CVSS7AI score0.00126EPSS

Exploits0References1

Patchstack•added 2024/03/15 12:0 a.m.•6 views

WordPress HT Easy GA4 ( Google Analytics 4 ) Plugin <= 1.1.7 is vulnerable to Cross Site Scripting (XSS)

Software HT Easy GA4 Google Analytics 4 Type Plugin Vulnerable versions = 1.1.7 Fixed in 1.1.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29094 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8f8e72c6e71d Credits Yudistira Arya...

7.1CVSS6.5AI score0.00126EPSS

Exploits0References2Affected Software1

NVD•added 2024/03/13 4:15 p.m.•13 views

CVE-2024-1203

The Conversios – Google Analytics 4 GA4, Meta Pixel & more Via Google Tag Manager For WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'valueData' parameter in all versions up to, and including, 7.0.7 due to insufficient escaping on the user supplied parameter and lack of...

8.8CVSS8.7AI score0.00691EPSS

Exploits0References3

Prion•added 2024/03/13 4:15 p.m.•17 views

Sql injection

The Conversios – Google Analytics 4 GA4, Meta Pixel & more Via Google Tag Manager For WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'valueData' parameter in all versions up to, and including, 6.9.1 due to insufficient escaping on the user supplied parameter and lack of...

6.5CVSS7.8AI score0.00691EPSS

Exploits0References2

Cvelist•added 2024/03/13 3:26 p.m.•34 views

CVE-2024-1203 Conversios – Google Analytics 4 (GA4), Meta Pixel & more Via Google Tag Manager For WooCommerce <= 7.0.7 - Authenticated (Subscriber+) SQL Injection

8.8CVSS8.8AI score0.00691EPSS

Exploits0References3

CVE•added 2024/03/13 3:26 p.m.•58 views

CVE-2024-1203

CVE-2024-1203 involves the Conversios – Google Analytics 4 (GA4), Meta Pixel & more Via Google Tag Manager For WooCommerce WordPress plugin. The root cause is insufficient escaping and improper preparation of SQL queries in the valueData parameter, enabling authenticated attackers with subscriber...

8.8CVSS7.2AI score0.00691EPSS

Exploits0References3Affected Software1

NVD•added 2024/02/28 9:15 a.m.•14 views

CVE-2024-0786

The Conversios – Google Analytics 4 GA4, Meta Pixel & more Via Google Tag Manager For WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the eesyncProductCategory function using the parameters conditionData, valueData, productArray, exclude and include in all versions ...

8.8CVSS8.7AI score0.00395EPSS

Exploits0References3

Prion•added 2024/02/28 9:15 a.m.•12 views

Sql injection

6.5CVSS7.6AI score0.00395EPSS

Exploits0References2