cleantalk
Vulnerabilities and Security Researches

WP Statistics, CVE-2026-48839

CVE, Research URL

CVE-2026-48839

Home page URL

Security reports for WP Statistics

Application

WP Statistics

Published on
Jun 01, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VeronaLabs WP Statistics allows DOM-Based XSS. This issue affects WP Statistics: from n/a through 14.16.6.
Affected versions
max 14.16.7.
Status
vulnerable
Previous vulnerability researches
Colibri Page Builder (CVE-2025-32185) , Apr 05, 2025
Colibri Page Builder (CVE-2025-11376) , Jan 10, 2026
Colibri Page Builder (CVE-2024-4451) , Jun 08, 2024
Colibri Page Builder (CVE-2025-9560) , Nov 10, 2025
Colibri Page Builder (CVE-2025-59593) , Oct 11, 2025
New vulnerability
WP Statistics (CVE-2026-48839) , Jun 14, 2026
WP Statistics (CVE-2026-3488) , Jun 14, 2026
WP Statistics (CVE-2026-5231) , Jun 14, 2026
FAQ Manager For Divi, Gutenberg Block & Shortcode (CVE-2023-33999) , Jun 14, 2026
TablePress – Tables in WordPress made easy (CVE-2023-33999) , Jun 14, 2026