CVE-2024-12072 in Analytics Cat Pluginالمعلومات

الملخص

بحسب MITRE • 12/12/2024

The Analytics Cat – Google Analytics Made Easy plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.1.2. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute if they can successfully trick a user into performing an action, such as clicking on a specially crafted link.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

مسؤول

Wordfence

حجز

02/12/2024

إفشاء

12/12/2024

الاعتدال

تمت الموافقة

إدخال

VDB-287959

EPSS

0.00291

KEV

لا

النشاطات

منخفض جدًا

القطاع

Hostingprovider

المصادر

Might our Artificial Intelligence support you?

Check our Alexa App!