| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-1809 | Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy) <= 5.2.3 - Missing Authorization | hiddenpearls | Analytify – Google Analytics Dashboard For WordPress (GA4 analytics tracking) | Medium | 5.4 | 2024-05-02 16:52:16 | Deep Dive |
| CVE-2024-1584 | Analytify <= 5.2.1 - Missing Authorization to Unauthenticated Google Analytics Tracking ID Modification | hiddenpearls | Analytify – Google Analytics Dashboard For WordPress (GA4 analytics tracking) | Medium | 5.3 | 2024-05-02 16:51:55 | Deep Dive |
| CVE-2023-52220 | WordPress MonsterInsights plugin <= 8.21.0 - Broken Access Control vulnerability | MonsterInsights | Google Analytics by Monster Insights | Medium | 4.3 | 2024-04-25 09:33:37 | Deep Dive |
| CVE-2024-32145 | WordPress WP Google Analytics Events – No-Code Custom Event Tracking for Google Analytics plugin <= 2.8.0 - Reflected Cross-Site Scripting vulnerability | PineWise | WP Google Analytics Events | High | 7.1 | 2024-04-15 07:03:14 | Deep Dive |
| CVE-2024-31937 | WordPress TWIPLA (Visitor Analytics IO) plugin <= 1.2.0 - Cross-Site Scripting (XSS) vulnerability | Visitor Analytics | TWIPLA (Visitor Analytics IO) | Medium | 5.9 | 2024-04-11 12:13:12 | Deep Dive |
| CVE-2022-45851 | WordPress ShareThis Dashboard for Google Analytics plugin <= 3.1.4 - Broken Access Control vulnerability | ShareThis | ShareThis Dashboard for Google Analytics | Medium | 5.4 | 2024-03-25 11:30:02 | Deep Dive |
| CVE-2024-29094 | WordPress HT Easy GA4 plugin <= 1.1.7 - Cross Site Scripting (XSS) vulnerability | HasThemes | HT Easy GA4 ( Google Analytics 4 ) | High | 7.1 | 2024-03-19 16:38:15 | Deep Dive |
| CVE-2024-1894 | Burst Statistics – Privacy-Friendly Analytics for WordPress <= 1.5.6.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via burst_total_pageviews_count | burstbv | Burst Statistics – Privacy-Friendly WordPress Analytics (Google Analytics Alternative) | Medium | 6.4 | 2024-03-13 15:27:27 | Deep Dive |
| CVE-2024-1203 | Conversios – Google Analytics 4 (GA4), Meta Pixel & more Via Google Tag Manager For WooCommerce <= 7.0.7 - Authenticated (Subscriber+) SQL Injection | tatvic | Conversios: Google Analytics (GA4), Google Ads, Conversion and Analytics Tracking for Multi-Channels | High | 8.8 | 2024-03-13 15:26:59 | Deep Dive |
| CVE-2024-1176 | HT Easy GA4 – Google Analytics WordPress Plugin <= 1.1.5 - Missing Authorization to Unauthenticated GA4 Email Update | htplugins | HT Easy GA4 – Google Analytics WordPress Plugin | Medium | 5.3 | 2024-03-13 15:26:34 | Deep Dive |
| CVE-2024-21330 | Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability | Microsoft | System Center Operations Manager (SCOM) 2019 | High | 7.8 | 2024-03-12 16:57:57 | Deep Dive |
| CVE-2024-2005 | SAML implementation allows privilege escalation | Blue Planet | Inventory (BPI) | Critical | 9.0 | 2024-03-05 18:54:01 | Deep Dive |
| CVE-2023-5617 | Hitachi Vantara Pentaho Data Integration & Analytics - Server-generated Error Message Containing Sensitive Information | Hitachi Vantara | Pentaho Data Integration & Analytics | Medium | 5.3 | 2024-02-28 22:30:40 | Deep Dive |
| CVE-2024-0786 | Conversios <= 7.0.7 - Authenticated (Subscriber+) SQL Injection via ee_syncProductCategory | tatvic | Conversios: Google Analytics (GA4), Google Ads, Conversion and Analytics Tracking for Multi-Channels | High | 8.8 | 2024-02-28 08:33:13 | Deep Dive |
| CVE-2023-43051 | IBM Cognos Analytics cross-site scripting | IBM | Cognos Analytics | Medium | 5.4 | 2024-02-24 15:40:44 | Deep Dive |
| CVE-2022-34357 | IBM Cognos Analytics Mobile Server denial of service | IBM | Cognos Analytics | Medium | 6.5 | 2024-02-24 15:38:50 | Deep Dive |
| CVE-2023-30996 | IBM Cognos Analytics cross-origin resource sharing | IBM | Cognos Analytics | Medium | 5.3 | 2024-02-24 15:35:48 | Deep Dive |
| CVE-2023-32344 | IBM Cognos Analytics cross-site request forgery | IBM | Cognos Analytics | Medium | 4.3 | 2024-02-24 15:29:34 | Deep Dive |
| CVE-2023-38359 | IBM Cognos Analytics cross-site scripting | IBM | Cognos Analytics | Medium | 6.1 | 2024-02-24 15:27:08 | Deep Dive |
| CVE-2023-6923 | Matomo <= 4.15.3 - Reflected Cross-Site Scripting via idsite | matomoteam | Matomo Analytics – Powerful, Privacy-First Insights for WordPress | Medium | 6.1 | 2024-02-20 18:56:24 | Deep Dive |