cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-6637,https://securityvulnerability.io/vulnerability/CVE-2023-6637,Unauthorized Data Modification in CAOS | Host Google Analytics Locally Plugin for WordPress,"The CAOS | Host Google Analytics Locally plugin for WordPress has a vulnerability that allows unauthenticated attackers to exploit the absence of a capability check in the 'update_settings' function, present in versions up to 4.7.14. This flaw could lead to unauthorized modifications of the plugin settings, thereby posing a significant risk to website security and compromising data integrity.",Wordpress,CAOS | Host Google Analytics Locally,5.3,MEDIUM,0.0008299999753944576,false,,false,false,false,,false,false,2024-01-11T08:32:35.681Z,0
CVE-2021-25020,https://securityvulnerability.io/vulnerability/CVE-2021-25020,CAOS < 4.1.9 - Admin+ Arbitrary Folder Deletion via Path Traversal,"The CAOS | Host Google Analytics Locally WordPress plugin before 4.1.9 does not validate the cache directory setting, allowing high privilege users to use a path traversal vector and delete arbitrary folders when uninstalling the plugin",Wordpress,Caos | Host Google Analytics Locally,4.9,MEDIUM,0.0005600000149570405,false,,false,false,false,,false,false,2022-01-03T13:15:00.000Z,0