cleantalk
Vulnerabilities and Security Researches

WP Statistics, CVE-2026-48839

CVE, Research URL

CVE-2026-48839

Home page URL

Security reports for WP Statistics

Application

WP Statistics

Published on
Jun 01, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VeronaLabs WP Statistics allows DOM-Based XSS. This issue affects WP Statistics: from n/a through 14.16.6.
Affected versions
max 14.16.7.
Status
vulnerable
Previous vulnerability researches
CM Email Registration Blacklist and Whitelist (CVE-2025-24694) , Jun 13, 2026
CM Email Registration Blacklist and Whitelist (CVE-2024-11202) , Nov 27, 2024
CM Email Registration Blacklist and Whitelist (CVE-2024-5167) , Jun 28, 2024
CM Email Registration Blacklist and Whitelist (CVE-2025-24758) , Feb 19, 2025
CM Email Registration Blacklist and Whitelist (CVE-2026-0691) , Apr 16, 2026
New vulnerability
Canvas (CVE-2026-9629) , Jun 14, 2026
WP Statistics (CVE-2026-48839) , Jun 14, 2026
WP Statistics (CVE-2026-3488) , Jun 14, 2026
WP Statistics (CVE-2026-5231) , Jun 14, 2026
FAQ Manager For Divi, Gutenberg Block & Shortcode (CVE-2023-33999) , Jun 14, 2026