CVE-2024-1584

MEDIUM Year: 2024
CVSS v3 Score
5.3
Medium
Weakness Type
NVD-CWE-Other
View all →

Vulnerability Description

The Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpa_check_authentication' function in all versions up to, and including, 5.2.1. This makes it possible for unauthenticated attackers to modify the site's Google Analytics tracking ID.

Related Vulnerabilities

CVE-2001-1533

MEDIUM
CVSS:5.3(Medium)

Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service via a flood of fragmented UDP packets. NOTE: the vendor disputes this issue, saying ...

NVD-CWE-Other2001

CVE-2013-7446

MEDIUM
CVSS:5.3(Medium)

Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted ep...

NVD-CWE-Other2013

CVE-2014-5278

MEDIUM
CVSS:5.3(Medium)

A vulnerability exists in Docker before 1.2 via container names, which may collide with and override container IDs.

NVD-CWE-Other2014

CVE-2015-7279

MEDIUM
CVSS:5.3(Medium)

Amped Wireless R10000 devices with firmware 2.5.2.11 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by...

NVD-CWE-Other2015

CVE-2015-8287

MEDIUM
CVSS:5.3(Medium)

Swann SRNVW-470LCD devices with firmware through 0114 and SWNVW-470CAM devices with firmware through 1022 allow remote attackers to watch live video by visiting an unspecified URL.

NVD-CWE-Other2015