Solid Plugins Analyticswp vulnerabilities
4 known vulnerabilities affecting solid_plugins/analyticswp.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2025-39389P2CRITICALCVSS 9.3≥ n/a, ≤ 2.1.22025-05-19
CVE-2025-39389 [CRITICAL] CWE-89 CVE-2025-39389: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Solid Plugins AnalyticsWP allows SQL Injection.This issue affects AnalyticsWP: from n/a through 2.1.2.
nvd
CVE-2024-13321P3CRITICALCVSS 9.8≤ 2.0.02025-03-14
CVE-2024-13321 [CRITICAL] CWE-89 CVE-2024-13321: The AnalyticsWP plugin for WordPress is vulnerable to SQL Injection via the 'custom_sql' parameter i
The AnalyticsWP plugin for WordPress is vulnerable to SQL Injection via the 'custom_sql' parameter in all versions up to, and including, 2.0.0 due to insufficient authorization checks on the handle_get_stats() function. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be us
nvd
CVE-2025-39388P4MEDIUMCVSS 5.3≥ n/a, ≤ 2.0.02025-05-19
CVE-2025-39388 [MEDIUM] CWE-862 CVE-2025-39388: Missing Authorization vulnerability in Solid Plugins AnalyticsWP allows Accessing Functionality Not
Missing Authorization vulnerability in Solid Plugins AnalyticsWP allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects AnalyticsWP: from n/a through 2.0.0.
nvd
CVE-2025-39394P4MEDIUMCVSS 5.3≥ n/a, ≤ 2.1.22025-05-19
CVE-2025-39394 [MEDIUM] CWE-497 CVE-2025-39394: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Solid Pl
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Solid Plugins AnalyticsWP allows Retrieve Embedded Sensitive Data.This issue affects AnalyticsWP: from n/a through 2.1.2.
nvd