cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-1809,https://securityvulnerability.io/vulnerability/CVE-2024-1809,Unauthorized Data Access in Analytify Plugin for WordPress,"The Analytify – Google Analytics Dashboard for WordPress allows unauthorized access to sensitive data due to a missing capability check on AJAX functions. This issue, combined with nonce leakage, affects all versions up to and including 5.2.3, enabling authenticated users with subscriber access or higher to retrieve sensitive plugin settings, posing a significant risk to user data.",Wordpress,Analytify – Google Analytics Dashboard For WordPress (ga4 Analytics Made Easy),5.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-05-02T16:52:16.449Z,0
CVE-2024-1584,https://securityvulnerability.io/vulnerability/CVE-2024-1584,Unauthorized Data Modification in Analytify Plugin for WordPress,"The Analytify plugin for WordPress is susceptible to unauthorized data modification due to an absence of a capability check in the 'wpa_check_authentication' function. This flaw impacts all versions up to and including 5.2.1, enabling unauthenticated attackers to alter the site's Google Analytics tracking ID, posing significant risks to data integrity and analytics accuracy.",Wordpress,Analytify – Google Analytics Dashboard For WordPress (ga4 Analytics Made Easy),5.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-05-02T16:51:55.037Z,0