VYPR

WP-Matomo Integration

by WordPress

CVEs (2)

  • CVE-2023-33211MedMay 28, 2023
    risk 0.38cvss 5.9epss 0.00

    Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in André Bräkling WP-Matomo Integration (WP-Piwik) plugin <= 1.0.27 versions.

  • CVE-2023-4774MedSep 22, 2023
    risk 0.35cvss 6.4epss 0.01

    The WP-Matomo Integration (WP-Piwik) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wp-piwik' shortcode in versions up to, and including, 1.0.28 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it…