VYPR

Google Analytics Dashboard for WordPress

by ExactMetrics

Source repositories

CVEs (3)

  • CVE-2026-1993HigMar 11, 2026
    risk 0.50cvss 8.8epss 0.00

    The ExactMetrics – Google Analytics Dashboard for WordPress plugin is vulnerable to Improper Privilege Management in versions 7.1.0 through 9.0.2. This is due to the `update_settings()` function accepting arbitrary plugin setting names without a whitelist of allowed settings.…

  • CVE-2026-5464HigApr 23, 2026
    risk 0.47cvss 7.2epss 0.01

    The ExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin) plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation and activation in all versions up to, and including, 9.1.2. This is due to the reports page exposing the…

  • CVE-2026-5488MedApr 24, 2026
    risk 0.34cvss 5.3epss 0.00

    The ExactMetrics – Google Analytics Dashboard for WordPress plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 9.1.2. This is due to missing capability checks in the get_ads_access_token() and reset_experience() AJAX handlers. While the…