19 matches found
CVE-2023-4774
The WP-Matomo Integration (WP-Piwik) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wp-piwik' shortcode in versions up to, and including, 1.0.28 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticat...
EUVD-2023-37381
Malicious code in bioql PyPI...
EUVD-2023-54620
Malicious code in bioql PyPI...
CVE-2023-33211
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in André Bräkling WP-Matomo Integration (WP-Piwik) plugin <= 1.0.27 versions...
Cross site scripting
The WP-Matomo Integration (WP-Piwik) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wp-piwik' shortcode in versions up to, and including, 1.0.28 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticat...
CVE-2023-4774
The WP-Matomo Integration (WP-Piwik) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wp-piwik' shortcode in versions up to, and including, 1.0.28 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticat...
CVE-2023-4774
WP-Matomo Integration (WP-Piwik) for WordPress is affected by CVE-2023-4774 via a stored XSS in the wp-piwik shortcode. Versions up to and including 1.0.28 are vulnerable due to insufficient input sanitization and output escaping on shortcode attributes, allowing authenticated attackers with cont...
WordPress WP-Matomo Integration Plugin < 1.0.28 XSS Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:wp-piwikproject:wp-piwik"; if(description)...
WordPress WP-Matomo Integration Plugin < 1.0.27 CSRF Vulnerability
The WordPress plugin CPE = "cpe:/a:wp-piwikproject:wp-piwik"; if(description)...
WordPress WP-Matomo Integration Plugin < 1.0.11 XSS Vulnerability
The WordPress plugin CPE = "cpe:/a:wp-piwikproject:wp-piwik"; if(description)...
CVE-2023-33211
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in André Bräkling WP-Matomo Integration (WP-Piwik) plugin <= 1.0.27 versions...
Cross site scripting
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in André Bräkling WP-Matomo Integration (WP-Piwik) plugin <= 1.0.27 versions...
CVE-2023-33211
The CVE-2023-33211 entry concerns the WordPress WP-Piwik (WP-Matomo Integration) plugin. A Stored Cross-Site Scripting (XSS) vulnerability exists in versions up to and including 1.0.27 when authenticated as admin+ (requires administrator privileges). The root cause is an XSS flaw in the plugin’s ...
CVE-2023-33211 WordPress WP-Piwik Plugin <= 1.0.27 is vulnerable to Cross Site Scripting (XSS)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in André Bräkling WP-Matomo Integration (WP-Piwik) plugin <= 1.0.27 versions...
PT-2023-24222 · André Bräkling · André Bräkling Wp-Matomo Integration
Name of the Vulnerable Software and Affected Versions: André Bräkling WP-Matomo Integration (WP-Piwik) plugin versions prior to 1.0.28. Description: The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin+ privileges. Recommendations: For André...
WP-Matomo Integration (WP-Piwik) < 1.0.27 - Plugin Settings Reset via CSRF
The plugin does not have a CSRF check when resetting its settings, which could allow attackers to make a logged-in admin reset them via a CSRF attack. PoC: https://example.com/wp-admin/options-general.php?page=wp-piwik%2Fclasses%2FWPPiwik.php&clear=2...
WP-Matomo Integration (WP-Piwik) < 1.0.27 - Plugin Settings Reset via CSRF
The plugin does not have a CSRF check when resetting its settings, which could allow attackers to make a logged-in admin reset them via a CSRF attack. https://example.com/wp-admin/options-general.php?page=wp-piwik%2Fclasses%2FWPPiwik.php&clear=2...
WP-Piwik <= 1.0.10 - Unauthenticated Stored Cross-Site Scripting (XSS)
The WP-Matomo Integration (WP-Piwik) WordPress plugin was affected by an Unauthenticated Stored Cross-Site Scripting (XSS) security vulnerability...
WP-Piwik <= 1.0.4 - Cross-Site Scripting (XSS)
The WP-Matomo Integration (WP-Piwik) WordPress plugin was affected by a Cross-Site Scripting (XSS) security vulnerability...