MonsterInsights — Vulnerabilities & Security Advisories 3

Browse all 3 CVE security advisories affecting MonsterInsights. AI-powered Chinese analysis, POCs, and references for each vulnerability.

MonsterInsights is a popular WordPress analytics plugin that connects Google Analytics to WordPress websites. Historically, it has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The plugin has accumulated three CVEs to date, with past incidents allowing attackers to execute arbitrary code, inject malicious scripts, and gain elevated access through improper input validation and insufficient access controls. These vulnerabilities typically stem from inadequate sanitization of user inputs and improper permission checks, potentially compromising entire WordPress installations when exploited.

Top products by MonsterInsights: MonsterInsights MonsterInsights Pro Google Analytics by Monster Insights

CVEs 3

CVE ID	Title	CVSS	Severity	Published
CVE-2023-52220	WordPress MonsterInsights plugin <= 8.21.0 - Broken Access Control vulnerability — Google Analytics by Monster InsightsCWE-862	4.3	Medium	2024-04-25
CVE-2023-32291	WordPress MonsterInsights Pro Plugin <= 8.14.1 is vulnerable to Cross Site Scripting (XSS) — MonsterInsights ProCWE-79	6.5	Medium	2023-11-30
CVE-2023-23999	WordPress Google Analytics by Monster Insights Plugin <= 8.14.0 is vulnerable to Cross Site Scripting (XSS) — MonsterInsightsCWE-79	6.5	Medium	2023-05-18

This page lists every published CVE security advisory associated with MonsterInsights. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

MonsterInsights — Vulnerabilities & Security Advisories 3