VYPR
Vendor

Burst Statistics

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2026-8181CriMay 14, 2026
    risk 0.64cvss 9.8epss 0.15

    The Burst Statistics – Privacy-Friendly WordPress Analytics (Google Analytics Alternative) plugin for WordPress is vulnerable to Authentication Bypass in versions 3.4.0 to 3.4.1.1. This is due to incorrect return-value handling in the `is_mainwp_authenticated()` function when…

  • CVE-2024-0405HigJan 17, 2024
    risk 0.47cvss 7.2epss 0.01

    The Burst Statistics – Privacy-Friendly Analytics for WordPress plugin, version 1.5.3, is vulnerable to Post-Authenticated SQL Injection via multiple JSON parameters in the /wp-json/burst/v1/data/compare endpoint. Affected parameters include 'browser', 'device', 'page_id',…

  • CVE-2024-1894MedMar 13, 2024
    risk 0.42cvss 6.4epss 0.01

    The Burst Statistics – Privacy-Friendly Analytics for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'burst_total_pageviews_count' custom meta field in all versions up to, and including, 1.5.6.1 due to insufficient input sanitization and…

  • CVE-2025-53193MedJun 27, 2025
    risk 0.21cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Burst Statistics B.V. Burst Statistics burst-statistics allows Cross Site Request Forgery.This issue affects Burst Statistics: from n/a through <= 2.0.6.