cleantalk
Vulnerabilities and Security Researches

WP Statistics, CVE-2026-48839

CVE, Research URL

CVE-2026-48839

Home page URL

Security reports for WP Statistics

Application

WP Statistics

Published on
Jun 01, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VeronaLabs WP Statistics allows DOM-Based XSS. This issue affects WP Statistics: from n/a through 14.16.6.
Affected versions
max 14.16.7.
Status
vulnerable
Previous vulnerability researches
LWS Optimize (CVE-2026-12089) , Jun 14, 2026
LWS Optimize (CVE-2024-30541) , Jun 06, 2024
LWS Optimize (ba397287a26d5cbc01e8e94271d431879e510091) , Jun 06, 2024
New vulnerability
WP Statistics (CVE-2026-48839) , Jun 14, 2026
WP Statistics (CVE-2026-3488) , Jun 14, 2026
WP Statistics (CVE-2026-5231) , Jun 14, 2026
FAQ Manager For Divi, Gutenberg Block & Shortcode (CVE-2023-33999) , Jun 14, 2026
TablePress – Tables in WordPress made easy (CVE-2023-33999) , Jun 14, 2026