9 matches found
PT-2024-14484 · Monster Insights · Google Analytics
Name of the Vulnerable Software and Affected Versions: Google Analytics by Monster Insights versions 8.21.0 and earlier Description: The issue is related to a Missing Authorization vulnerability. This vulnerability affects the MonsterInsights Google Analytics plugin by Monster Insights...
Google Analytics by Monster Insights < 8.22.0 - Missing Authorization
Description The plugin is vulnerable to unauthorized access due to a missing capability check in versions up to, and including, 8.21.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an unauthorized action...
WordPress Google Analytics by Monster Insights Plugin <= 8.21.0 is vulnerable to Broken Access Control
Software Google Analytics by Monster Insights Type Plugin Vulnerable versions = 8.21.0 Fixed in 8.22.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-52220 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7da3fc475c0d Credits Rafie...
PT-2023-23704 · Unknown · Monsterinsights Pro
Name of the Vulnerable Software and Affected Versions: MonsterInsights Pro versions prior to 8.14.1 Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting XSS. This means that an attacker can inject malicious...
CVE-2023-23999 WordPress Google Analytics by Monster Insights Plugin <= 8.14.0 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in MonsterInsights plugin = 8.14.0 versions...
CVE-2023-23999 WordPress Google Analytics by Monster Insights Plugin <= 8.14.0 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in MonsterInsights plugin = 8.14.0 versions...
WordPress Google Analytics by Monster Insights Plugin < 8.12.1 is vulnerable to Cross Site Scripting (XSS)
Software Google Analytics by Monster Insights Type Plugin Vulnerable versions 8.12.1 Fixed in 8.12.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0081 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 30ac1c972f6b Credi...
WordPress Google Analytics by Monster Insights plugin <= 7.1.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability found by RIPS Technologies in WordPress Google Analytics by Monster Insights plugin versions = 7.1.0. Solution Update the WordPress Google Analytics by Monster Insights plugin to the latest available version at least 7.2.0...
Google Analytics by Monster Insights <= 7.1.0 - Authenticated Stored Cross-Site Scripting (XSS)
The Google Analytics Dashboard Plugin for WordPress by MonsterInsights WordPress plugin was affected by an Authenticated Stored Cross-Site Scripting XSS security vulnerability...