Burst Statistics – Privacy-Friendly WordPress Analytics (Google Analytics Alternative) — Vulnerabilities & Security Advisories 3

All 3 CVE vulnerabilities found in Burst Statistics – Privacy-Friendly WordPress Analytics (Google Analytics Alternative), with AI-generated Chinese analysis, references, and POCs.

Vendor: burstbv

CVE ID	Title	CVSS	Severity	Published
CVE-2026-8181	Burst Statistics 3.4.0 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover CWE-287	9.8	Critical	2026-05-14
CVE-2024-1894	Burst Statistics – Privacy-Friendly Analytics for WordPress <= 1.5.6.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via burst_total_pageviews_count CWE-79	6.4	Medium	2024-03-13
CVE-2024-0405	Burst Statistics Really Simple Plugins <= 1.5.3 - Authenticated (Editor+) SQL Injection CWE-89	7.2	High	2024-01-17

All 3 known CVE vulnerabilities affecting Burst Statistics – Privacy-Friendly WordPress Analytics (Google Analytics Alternative) with full Chinese analysis, references, and POCs where available.

Goal Reached Thanks to every supporter — we hit 100%!

Burst Statistics – Privacy-Friendly WordPress Analytics (Google Analytics Alternative) — Vulnerabilities & Security Advisories 3