Latest

Input validation vulnerability in WP-Matomo Integration (WP-Piwik) 1.0.10

Severity: high-risk
Status: Fixed
Publication: September 2, 2016

The WP-Matomo Integration (WP-Piwik) plugin for WordPress is vulnerable to a security issue known as Stored Cross-Site Scripting. This issue affects versions of the plugin before 1.0.11. It occurs because the plugin does not properly filter user input or escape output. This means that malicious actors may be able to inject malicious scripts into pages. When a user visits the page, the malicious script will run. This could allow the malicious actor to take control of the page and access user data. To prevent this issue, make sure to update to version 1.0.11 of the plugin.

Detected in:

Connect Matomo – Analytics Dashboard for WordPress fixed vulnerable versions:

Connect Matomo (WP-Matomo, WP-Piwik) fixed vulnerable versions:

WP-Matomo Integration (WP-Piwik) fixed vulnerable versions: >= * <= 1.0.10

Open source

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

Incorrect?

Is this information incorrect? Please leave us a message.

Latest

Input validation vulnerability in WP-Matomo Integration (WP-Piwik) 1.0.10

Detected in:

Join our mailing list - 6 Tips & Tricks in your inbox over the next days!

Plugins

Get Started

About

Popular articles

Latest

Passkeys: no need for Limit Login Attempts?

Input validation vulnerability in WP-Matomo Integration (WP-Piwik) 1.0.10

Detected in: