Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

SlimStat Analytics — Vulnerabilities & Security Advisories 16

All 16 CVE vulnerabilities found in SlimStat Analytics, with AI-generated Chinese analysis, references, and POCs.

Vendor: Unknown

CVE IDTitleCVSSSeverityPublished
CVE-2026-1238 SlimStat Analytics <= 5.3.5 - Unauthenticated Stored Cross-Site Scripting via 'fh' CWE-79 7.2 High2026-03-19
CVE-2025-69323 WordPress Slimstat Analytics plugin <= 5.3.2 - Reflected Cross Site Scripting (XSS) vulnerability CWE-79 6.1AIMediumAI2026-02-20
CVE-2025-13431 SlimStat Analytics <= 5.3.1 - Authenticated (Subscriber+) SQL Injection via `args` Parameter CWE-89 6.5 Medium2026-02-11
CVE-2025-15055 SlimStat Analytics <= 5.3.4 - Unauthenticated Stored Cross-Site Scripting via 'notes/resource' Parameters CWE-79 7.2 High2026-01-09
CVE-2025-15057 SlimStat Analytics <= 5.3.3 - Unauthenticated Stored Cross-Site Scripting via 'fh' Parameter CWE-79 7.2 High2026-01-09
CVE-2025-14151 SlimStat Analytics <= 5.3.2 - Unauthenticated Stored Cross-Site Scripting CWE-79 7.2 High2025-12-19
CVE-2023-33994 WordPress Slimstat Analytics plugin <= 5.0.5.1 - Broken Access Control vulnerability CWE-862 8.2 -2024-12-13
CVE-2024-9548 Slimstat Analytics <= 5.2.6 - Unauthenticated Stored Cross-Site Scripting CWE-79 7.2 High2024-10-14
CVE-2024-1073 SlimStat Analytics <= 5.1.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting CWE-79 6.4 Medium2024-02-02
CVE-2022-45373 WordPress Slimstat Analytics Plugin <= 5.0.4 is vulnerable to SQL Injection CWE-89 9.8 -2023-11-06
CVE-2023-4598 Slimstat Analytics <= 5.0.9 - Authenticated (Contributor+) Blind SQL Injection via Shortcode CWE-89 8.8 High2023-10-20
CVE-2023-40676 WordPress Slimstat Analytics Plugin <= 5.0.8 is vulnerable to Cross Site Scripting (XSS) CWE-79 5.9 Medium2023-09-27
CVE-2023-4597 Slimstat Analytics <= 5.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CWE-79 6.4 Medium2023-08-30
CVE-2022-45366 WordPress Slimstat Analytics Plugin <= 5.0.4 is vulnerable to Cross Site Scripting (XSS) CWE-79 7.1 High2023-05-25
CVE-2023-0630 Slimstat Analytics < 4.9.3.3 - Subscriber+ SQL Injection 8.8 -2023-03-20
CVE-2022-4310 Slimstat Analytics < 4.9.3 - Unauthenticated Stored XSS 6.1 -2023-01-09

All 16 known CVE vulnerabilities affecting SlimStat Analytics with full Chinese analysis, references, and POCs where available.