| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-9548 | Slimstat Analytics <= 5.2.6 - Unauthenticated Stored Cross-Site Scripting | veronalabs | SlimStat Analytics | High | 7.2 | 2024-10-14 23:29:57 | Deep Dive |
| CVE-2024-8513 | QA Analytics <= 4.1.1.1 - Missing Authorization to Unauthenticated Settings Update | quarka | QA Assistants – Driven by data | Medium | 5.3 | 2024-10-10 02:06:05 | Deep Dive |
| CVE-2024-9100 | Local File Inclusion | ManageEngine | Analytics Plus | Medium | 6.5 | 2024-10-03 14:17:03 | Deep Dive |
| CVE-2024-9209 | WP Search Analytics <= 1.4.10 - Reflected Cross-Site Scripting | cornelraiu-1 | Search Analytics for WP | Medium | 6.1 | 2024-10-01 08:30:13 | Deep Dive |
| CVE-2024-8662 | Koko Analytics <= 1.3.12 - Reflected Cross-Site Scripting | dvankooten | Koko Analytics – Privacy Friendly Statistics for WordPress | Medium | 6.1 | 2024-09-24 01:56:48 | Deep Dive |
| CVE-2024-40703 | IBM Cognos Analytics information disclosure | IBM | Cognos Analytics | Medium | 5.5 | 2024-09-22 12:20:28 | Deep Dive |
| CVE-2024-28981 | Hitachi Vantara Pentaho Data Integration & Analytics - Insufficiently Protected Credentials | Hitachi Vantara | Pentaho Data Integration & Analytics | High | 8.5 | 2024-09-11 23:27:42 | Deep Dive |
| CVE-2024-5879 | HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics <= 11.1.22 - Authenticated (Contributor+) Stored Cross-Site Scripting via HubSpot Meeting Widget | hubspotdev | HubSpot All-In-One Marketing – Forms, Popups, Live Chat | Medium | 6.4 | 2024-08-30 04:29:57 | Deep Dive |
| CVE-2024-35143 | IBM Planning Analytics Local missing authentication | IBM | Planning Analytics Local | Medium | 6.7 | 2024-08-04 13:03:10 | Deep Dive |
| CVE-2024-25041 | IBM Cognos Analytics cross-site scripting | IBM | Cognos Analytics | Medium | 5.4 | 2024-06-28 18:55:55 | Deep Dive |
| CVE-2024-25053 | IBM Cognos Analytics improper certificate validation | IBM | Cognos Analytics | Medium | 5.9 | 2024-06-28 18:53:49 | Deep Dive |
| CVE-2024-6288 | Conversios.io - All-in-one Google Analytics, Pixels and Product Feed Manager for WooCommerce <= 7.1.0 - Reflected Cross-Site Scripting | tatvic | Conversios: Google Analytics (GA4), Google Ads, Conversion and Analytics Tracking for Multi-Channels | Medium | 4.7 | 2024-06-28 06:57:47 | Deep Dive |
| CVE-2024-28984 | Hitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | Hitachi Vantara | Pentaho Business Analytics Server | High | 8.8 | 2024-06-26 22:41:57 | Deep Dive |
| CVE-2024-28983 | Hitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | Hitachi Vantara | Pentaho Business Analytics Server | High | 8.8 | 2024-06-26 22:40:16 | Deep Dive |
| CVE-2024-28982 | Hitachi Vantara Pentaho Business Analytics Server - Improper Restriction of XML External Entity Reference | Hitachi Vantara | Pentaho Business Analytics Server | High | 7.1 | 2024-06-26 22:37:01 | Deep Dive |
| CVE-2024-31907 | IBM Planning Analytics 跨站脚本漏洞 | IBM | Planning Analytics Local | Medium | 5.4 | 2024-05-31 13:09:57 | Deep Dive |
| CVE-2024-31908 | IBM Planning Analytics Local cross-site scripting | IBM | Planning Analytics Local | Medium | 6.4 | 2024-05-31 13:05:34 | Deep Dive |
| CVE-2024-31889 | IBM Planning Analytics Local cross-site scripting | IBM | Planning Analytics Local | Medium | 5.4 | 2024-05-31 12:57:26 | Deep Dive |
| CVE-2024-25047 | IBM Cognos Analytics log injection | IBM | Cognos Analytics | High | 8.6 | 2024-05-02 20:09:21 | Deep Dive |