cleantalk
Vulnerabilities and Security Researches

SlimStat Analytics, 96f9b0c5-014a-4ccf-a47d-58ba4b5998e5

CVE, Research URL

96f9b0c5-014a-4ccf-a47d-58ba4b5998e5

Home page URL

Security reports for SlimStat Analytics

Application

SlimStat Analytics

Published on
-
Research Description
SlimStat Analytics [wp-slimstat] < 4.8.4 WP Slimstat &lt;= 4.8.3 - CSRF to Stored XSS and Setting Updates Lack of CSRF check and sanitisation in the update_settings() function can lead to settings update, as well as Stored XSS issues
Affected versions
max 4.8.4.
Status
vulnerable
Previous vulnerability researches
SlimStat Analytics (CVE-2025-14151) , Jan 27, 2026
SlimStat Analytics (CVE-2026-7634) , May 28, 2026
SlimStat Analytics (1528b3cc3937a9c81cc4137bbfaec62f4b90c0a7) , Jun 16, 2026
SlimStat Analytics (4fbce60766f41ab69ebf656812aed786c85670f7) , Jun 16, 2026
SlimStat Analytics (b5e70d40a63186346fbc7932d21b5656229b5f12) , Jun 16, 2026
New vulnerability
Form Maker by 10Web &#8211; Mobile-Friendly Drag &amp; Drop Contact Form Builder (CVE-2026-11777) , Jun 19, 2026
Form Maker by 10Web &#8211; Mobile-Friendly Drag &amp; Drop Contact Form Builder (CVE-2026-11776) , Jun 19, 2026
LearnPress &#8211; WordPress LMS Plugin (CVE-2026-8383) , Jun 19, 2026
WP Travel Gutenberg Blocks (CVE-2026-54808) , Jun 19, 2026
BetterDocs – Best Documentation, FAQ &amp; Knowledge Base Plugin with AI Support (CVE-2026-12157) , Jun 19, 2026