Google Analytics WordPress Plugin by GA4WP, CVE-2025-68028

CVE, Research URL: CVE-2025-68028
Home page URL: Security reports for Google Analytics WordPress Plugin by GA4WP
Application: Google Analytics WordPress Plugin by GA4WP
Published on: Feb 20, 2026
Research Description: Missing Authorization vulnerability in Passionate Brains GA4WP: Google Analytics for WordPress ga-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GA4WP: Google Analytics for WordPress: from n/a through <= 2.10.0.
Affected versions: max 2.10.0.
Status: vulnerable