SlimStat Analytics, CVE-2022-4310

CVE, Research URL: CVE-2022-4310
Home page URL: Security reports for SlimStat Analytics
Application: SlimStat Analytics
Published on: Jan 10, 2023
Research Description: The Slimstat Analytics WordPress plugin before 4.9.3 does not sanitise and escape the URI when logging requests, which could allow unauthenticated attackers to perform Stored Cross-Site Scripting attacks against logged in admin viewing the logs
Affected versions: max 3.9.6.
Status: vulnerable