| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-5488 | ExactMetrics <= 9.1.2 - Authenticated (Subscriber+) Missing Authorization to Google Ads Access Token Retrieval via AJAX Action 'exactmetrics_ads_get_token' | smub | ExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin) | Medium | 5.3 | 2026-04-24 03:27:06 | Deep Dive |
| CVE-2026-6920 | Google Chrome 缓冲区错误漏洞 | Chrome | - | - | 2026-04-23 16:12:24 | Deep Dive | |
| CVE-2026-6921 | Google Chrome 竞争条件问题漏洞 | Chrome | - | - | 2026-04-23 16:12:24 | Deep Dive | |
| CVE-2026-6919 | Google Chrome 资源管理错误漏洞 | Chrome | - | - | 2026-04-23 16:12:23 | Deep Dive | |
| CVE-2026-3259 | Sensitive Data Disclosure in BigQuery via Materialized View Error Messages | Google Cloud | BigQuery | - | - | 2026-04-23 08:35:04 | Deep Dive |
| CVE-2026-5464 | ExactMetrics <= 9.1.2 - Authenticated (Editor+) Arbitrary Plugin Installation/Activation via exactmetrics_connect_process | smub | ExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin) | High | 7.2 | 2026-04-23 08:28:26 | Deep Dive |
| CVE-2026-6294 | Google PageRank Display <= 1.4 - Cross-Site Request Forgery to Settings Update via Settings Page | byybora | Google PageRank Display | Medium | 4.3 | 2026-04-22 07:45:42 | Deep Dive |
| CVE-2026-3488 | WP Statistics <= 14.16.4 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure and Privacy Audit Manipulation | veronalabs | WP Statistics – Simple, privacy-friendly Google Analytics alternative | Medium | 6.5 | 2026-04-17 01:24:38 | Deep Dive |
| CVE-2026-5231 | WP Statistics <= 14.16.4 - Unauthenticated Stored Cross-Site Scripting via 'utm_source' Parameter | veronalabs | WP Statistics – Simple, privacy-friendly Google Analytics alternative | High | 7.2 | 2026-04-17 01:24:38 | Deep Dive |
| CVE-2025-13364 | WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters <= 4.8.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'put_wpgm' Shortcode | flippercode | WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters | Medium | 6.4 | 2026-04-16 06:44:52 | Deep Dive |
| CVE-2026-3581 | Basic Google Maps Placemarks <= 1.10.7 - Missing Authorization to Unauthenticated Default Map Coordinate Update | iandunn | Basic Google Maps Placemarks | Medium | 5.3 | 2026-04-16 05:29:55 | Deep Dive |
| CVE-2026-6364 | Google Chrome 安全漏洞 | Chrome | 中危 | - | 2026-04-15 19:04:59 | Deep Dive | |
| CVE-2026-6319 | Google Chrome 安全漏洞 | Chrome | 高危 | - | 2026-04-15 19:04:59 | Deep Dive | |
| CVE-2026-6363 | Google Chrome 安全漏洞 | Chrome | 高危 | - | 2026-04-15 19:04:58 | Deep Dive | |
| CVE-2026-6318 | Google Chrome 安全漏洞 | Chrome | 高危 | - | 2026-04-15 19:04:58 | Deep Dive | |
| CVE-2026-6317 | Google Chrome 安全漏洞 | Chrome | 高危 | - | 2026-04-15 19:04:58 | Deep Dive | |
| CVE-2026-6361 | Google Chrome 安全漏洞 | Chrome | 高危 | - | 2026-04-15 19:04:57 | Deep Dive | |
| CVE-2026-6362 | Google Chrome 安全漏洞 | Chrome | 高危 | - | 2026-04-15 19:04:57 | Deep Dive | |
| CVE-2026-6316 | Google Chrome 安全漏洞 | Chrome | 高危 | - | 2026-04-15 19:04:56 | Deep Dive | |
| CVE-2026-6315 | Google Chrome on Android 安全漏洞 | Chrome | 高危 | - | 2026-04-15 19:04:56 | Deep Dive |