Vulnerabilities > Analyticswp

DATE CVE VULNERABILITY TITLE RISK
2025-03-14 CVE-2024-13321 SQL Injection vulnerability in Analyticswp
The AnalyticsWP plugin for WordPress is vulnerable to SQL Injection via the 'custom_sql' parameter in all versions up to, and including, 2.0.0 due to insufficient authorization checks on the handle_get_stats() function.
network
low complexity
analyticswp CWE-89
critical
 9.8
9.8