CVE-2016-10912

The universal-analytics plugin before 1.3.1 for WordPress has XSS...

CVE-2025-23483

Cross-Site Request Forgery CSRF vulnerability in hoyce Universal Analytics Injector universal-analytics-injector allows Stored XSS.This issue affects Universal Analytics Injector: from n/a through = 1.0.3...

EUVD-2016-1906

Malware in sbrugna...

EUVD-2025-24731

Malicious code in bioql PyPI...

EUVD-2025-3204

Malicious code in bioql PyPI...

CVE-2025-28962

CVE-2025-28962: WordPress/ plugin "Advanced Google Universal Analytics" (stefanoai) has a Missing Authorization vulnerability. The issue arises from misconfigured access control levels, enabling unauthorized access to potentially sensitive data. Affected software versions: Advanced Google Univers...

PT-2025-33153 · Stefanoai · Advanced Google Universal Analytics

Name of the Vulnerable Software and Affected Versions: stefanoai Advanced Google Universal Analytics versions through 1.0.3 Description: A missing authorization flaw in stefanoai Advanced Google Universal Analytics allows exploitation of incorrectly configured access control security levels...

CVE-2025-23483

Cross-Site Request Forgery CSRF vulnerability in hoyce Universal Analytics Injector universal-analytics-injector allows Stored XSS.This issue affects Universal Analytics Injector: from n/a through = 1.0.3...

CVE-2025-23483 WordPress Universal Analytics Injector plugin <= 1.0.3 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Niklas Olsson Universal Analytics Injector allows Stored XSS.This issue affects Universal Analytics Injector: from n/a through 1.0.3...

CVE-2025-23483 WordPress Universal Analytics Injector plugin <= 1.0.3 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in hoyce Universal Analytics Injector universal-analytics-injector allows Stored XSS.This issue affects Universal Analytics Injector: from n/a through = 1.0.3...

CVE-2025-23483

CVE-2025-23483 — The connected Red Hat/ENISA records confirm a Cross-Site Request Forgery (CSRF) vulnerability in Niklas Olsson’s Universal Analytics Injector plugin that enables Stored XSS. Affected: Universal Analytics Injector versions from 0? through 1.0.3 (per description: “from n/a through ...

WordPress Universal Analytics Injector plugin <= 1.0.3 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin Universal Analytics Injector versions = 1.0.3...

WordPress plugin Universal Analytics Injector 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

PT-2025-4900 · Niklas Olsson · Universal Analytics Injector

Name of the Vulnerable Software and Affected Versions: Niklas Olsson Universal Analytics Injector versions 1.0.3 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can perform actions on behalf of a user without the...

WordPress universal-analytics plugin cross-site scripting vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress universal-analytics plugin. An attacker can explo...

CVE-2016-10912

The universal-analytics plugin before 1.3.1 for WordPress has XSS...

CVE-2016-10912

The universal-analytics plugin before 1.3.1 for WordPress has XSS...

Cross site scripting

The universal-analytics plugin before 1.3.1 for WordPress has XSS...

CVE-2016-10912

The universal-analytics plugin before 1.3.1 for WordPress has XSS...

CVE-2016-10912

The CVE concerns the WordPress universal-analytics plugin, specifically versions before 1.3.1, which are reported to be vulnerable to cross-site scripting (XSS). The affected component is the universal-analytics plugin for WordPress; the root cause is not spelled out beyond the XSS description in...