Wp Search Analytics
by WordPress
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-27357 | Med | 0.34 | 5.3 | — | May 25, 2026 | Missing Authorization vulnerability in Cornel Raiu WP Search Analytics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Search Analytics: from n/a before 1.5.0. | ||
| CVE-2024-9209 | Med | 0.33 | 6.1 | 0.03 | Oct 1, 2024 | The WP Search Analytics plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.4.10. This makes it possible for unauthenticated attackers to inject… | ||
| CVE-2023-30471 | 0.00 | — | 0.00 | Sep 27, 2023 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cornel Raiu WP Search Analytics plugin <= 1.4.7 versions. | |||
| CVE-2022-47587 | 0.00 | — | 0.00 | May 10, 2023 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Cornel Raiu WP Search Analytics plugin <= 1.4.5 versions. |
- risk 0.34cvss 5.3epss —
Missing Authorization vulnerability in Cornel Raiu WP Search Analytics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Search Analytics: from n/a before 1.5.0.
- risk 0.33cvss 6.1epss 0.03
The WP Search Analytics plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.4.10. This makes it possible for unauthenticated attackers to inject…
- CVE-2023-30471Sep 27, 2023risk 0.00cvss —epss 0.00
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cornel Raiu WP Search Analytics plugin <= 1.4.7 versions.
- CVE-2022-47587May 10, 2023risk 0.00cvss —epss 0.00
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Cornel Raiu WP Search Analytics plugin <= 1.4.5 versions.