VYPR

Fathom Analytics

by WordPress

CVEs (1)

  • CVE-2021-41836MedDec 14, 2021
    risk 0.31cvss 4.8epss 0.01

    The Fathom Analytics WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and escaping via the $site_id parameter found in the ~/fathom-analytics.php file which allowed attackers with administrative user access to inject arbitrary…