Sumo

sumo

7 CVEs • 2 products

Products (2)

Click to collapse

Toggle

Google Analyticator

google_analyticator

Social Share Boost

social_share_boost

CVEs (7)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-25033 1Sumo 1Social Share Boost Nov 21, 2024 Oct 6, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Sumo Social Share Boost plugin <= 4.5 versions.
CVE-2023-25044 1Sumo 1Social Share Boost Nov 21, 2024 Sep 1, 2023 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sumo Social Share Boost plugin <= 4.4 versions.
CVE-2023-23688 1Sumo 1Social Share Boost Nov 21, 2024 May 15, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Sumo Social Share Boost plugin <= 4.4 versions.
CVE-2022-4323 1Sumo 1Google Analyticator Apr 2, 2025 Jan 23, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 The Analyticator WordPress plugin before 6.5.6 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present
CVE-2022-3425 1Sumo 1Google Analyticator Apr 2, 2025 Jan 23, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 The Analyticator WordPress plugin before 6.5.6 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.
CVE-2009-5158 1Sumo 1Google Analyticator Nov 21, 2024 Aug 22, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The google-analyticator plugin before 5.2.1 for WordPress has insufficient HTML sanitization for Google Analytics API text.
CVE-2015-4697 1Sumo 1Google Analyticator May 13, 2026 Sep 7, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in Google Analyticator Wordpress Plugin before 6.4.9.3 rev @1183563.