EUVD-2015-9245

Malware in sbrugna...

CVE-2015-9405

The wp-piwik plugin before 1.0.5 for WordPress has XSS...

CVE-2023-4774 WP-Matomo Integration (WP-Piwik) <= 1.0.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The WP-Matomo Integration WP-Piwik plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wp-piwik' shortcode in versions up to, and including, 1.0.28 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...

WordPress WP-Piwik Plugin <= 1.0.28 is vulnerable to Cross Site Scripting (XSS)

Software WP-Piwik Type Plugin Vulnerable versions = 1.0.28 Fixed in 1.0.29 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4774 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0f64120d18a7 Credits Lana Codes Required privilege...

WordPress WP-Matomo Integration Plugin < 1.0.5 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wp-piwikproject:wp-piwik"; ifdescription...

CVE-2023-33211

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in André Bräkling WP-Matomo Integration WP-Piwik plugin = 1.0.27 versions...

CVE-2023-33211

The CVE-2023-33211 entry concerns the WordPress WP-Piwik (WP-Matomo Integration) plugin. A Stored Cross-Site Scripting (XSS) vulnerability exists in versions up to and including 1.0.27 when authenticated as admin+ (requires administrator privileges). The root cause is an XSS flaw in the plugin’s ...

WordPress WP-Piwik Plugin <= 1.0.27 is vulnerable to Cross Site Scripting (XSS)

Software WP-Piwik Type Plugin Vulnerable versions = 1.0.27 Fixed in 1.0.28 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-33211 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID ad3206a1c4bc Credits Nithissh S Required privileg...

WP-Matomo Integration (WP-Piwik) < 1.0.27 - Plugin Settings Reset via CSRF

The plugin does not have CSRF when resetting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack https://example.com/wp-admin/options-general.php?page=wp-piwik%2Fclasses%2FWPPiwik.php&clear=2...

CVE-2015-9405

The wp-piwik plugin before 1.0.5 for WordPress has XSS...

Cross site scripting

The wp-piwik plugin before 1.0.5 for WordPress has XSS...

CVE-2015-9405

The wp-piwik plugin before 1.0.5 for WordPress has XSS...

CVE-2015-9405

CVE-2015-9405 affects the WordPress plugin WP-Piwik (WP-Matomo Integration) prior to version 1.0.5, with a Cross-Site Scripting (XSS) vulnerability reported. The vulnerability is documented across multiple feeds (NVD/NIST, RH Red Hat advisory, OpenVAS/NASL listing, WPVulndb, CVE list) and is desc...