CVE-2022-3132

UNKNOWN 0.0

Goolytics - Simple Google Analytics < 1.1.2 - Admin+ Stored Cross-Site Scripting

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

The Goolytics WordPress plugin before 1.1.2 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

CWE	CWE-79
Vendor	unknown
Product	goolytics – simple google analytics
Published	Oct 3, 2022
Last Updated	Aug 3, 2024

Stay Ahead of the Next One

Get instant alerts for unknown goolytics – simple google analytics

Be the first to know when new unknown vulnerabilities affecting unknown goolytics – simple google analytics are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Unknown / Goolytics – Simple Google Analytics

1.1.2 < 1.1.2

References

NVD ↗ CVE.org ↗ EPSS Data ↗

wpscan.com: https://wpscan.com/vulnerability/ed2dc1b9-f9f9-4e99-87b3-a614c223dd64

Credits

Mika