2 matches found
WordPress ExactMetrics plugin 7.1.0-9.0.2 - Authenticated (Custom) Improper Privilege Management to Role Privilege Escalation via Settings Update vulnerability
Authenticated Custom Improper Privilege Management to Role Privilege Escalation via Settings Update vulnerability discovered by Ali Sünbül in WordPress Plugin ExactMetrics versions 7.1.0-9.0.2...
CVE-2025-24750
CVE-2025-24750 describes a Missing Authorization vulnerability in the WordPress plugin ExactMetrics (Google Analytics Dashboard for WordPress) up to version 8.1.0. The issue stems from incorrectly configured access control, enabling unauthorized access to protected functionality or data. The CVSS...