cleantalk
Vulnerabilities and Security Researches

WP Statistics, CVE-2026-48839

CVE, Research URL

CVE-2026-48839

Home page URL

Security reports for WP Statistics

Application

WP Statistics

Published on
Jun 01, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VeronaLabs WP Statistics allows DOM-Based XSS. This issue affects WP Statistics: from n/a through 14.16.6.
Affected versions
max 14.16.7.
Status
vulnerable
Previous vulnerability researches
WordPress-WPJobBoard (ee524e034b1a80cf8784b7b3d23608b713633d06) , Jun 14, 2026
WordPress-WPJobBoard (CVE-2025-49455) , Jul 18, 2025
New vulnerability
WP Statistics (CVE-2026-48839) , Jun 14, 2026
WP Statistics (CVE-2026-3488) , Jun 14, 2026
WP Statistics (CVE-2026-5231) , Jun 14, 2026
FAQ Manager For Divi, Gutenberg Block & Shortcode (CVE-2023-33999) , Jun 14, 2026
TablePress – Tables in WordPress made easy (CVE-2023-33999) , Jun 14, 2026