🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy)

Wordfence Intelligence > Vulnerability Database > WordPress Plugins > Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy)

Information

Software Type	Plugin
Software Slug	wp-analytify (view on wordpress.org)
Software Status	Active
Software Author	hiddenpearls
Software Website	analytify.io
Software Downloads	1,949,585
Software Active Installs	40,000
Software Record Last Updated	May 4, 2024

8 Vulnerabilities

Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy) <= 5.2.3 - Missing Authorization

5.4

CVE-2024-1809

Apr 29, 2024

Researcher: Lucio Sá

Analytify <= 5.2.1 - Missing Authorization to Unauthenticated Google Analytics Tracking ID Modification

5.3

CVE-2024-1584

Apr 26, 2024

Researcher: Francesco Carlucci

Analytify Dashboard <= 5.1.1 - Cross-Site Request Forgery

4.3

CVE-2023-47841

Nov 20, 2023

Researcher: Abdi Pranata

Analytify Dashboard <= 5.1.0 - Missing Authorization to Opt-In

4.3

CVE-2023-41695

Sep 5, 2023

Researcher: Abdi Pranata

Analytify <= 4.2.3 - Missing Authorization & Cross-Site Request Forgery

4.3

CVE-2022-45830

Jan 3, 2023

Researcher: Tien Nguyen Ahn

Analytify – Google Analytics Dashboard For WordPress <= 4.2.2 - Cross-Site Request Forgery

8.8

CVE-2022-38137

Sep 29, 2022

Researcher: Muhammad Daffa

Analytify – Google Analytics Dashboard For WordPress <= 4.2.2 - Authorization Bypass

6.5

CVE ID Unknown

Aug 22, 2022

Researchers:

Analytify <= 4.2.0 - Reflected Cross-Site Scripting

6.1

CVE ID Unknown

Jun 20, 2022

Researcher: WPScanTeam

Title	CVE ID	CVSS	Researchers	Date
Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy) <= 5.2.3 - Missing Authorization	CVE-2024-1809	5.4	Lucio Sá	April 29, 2024
Analytify <= 5.2.1 - Missing Authorization to Unauthenticated Google Analytics Tracking ID Modification	CVE-2024-1584	5.3	Francesco Carlucci	April 26, 2024
Analytify Dashboard <= 5.1.1 - Cross-Site Request Forgery	CVE-2023-47841	4.3	Abdi Pranata	November 20, 2023
Analytify Dashboard <= 5.1.0 - Missing Authorization to Opt-In	CVE-2023-41695	4.3	Abdi Pranata	September 5, 2023
Analytify <= 4.2.3 - Missing Authorization & Cross-Site Request Forgery	CVE-2022-45830	4.3	Tien Nguyen Ahn	January 3, 2023
Analytify – Google Analytics Dashboard For WordPress <= 4.2.2 - Cross-Site Request Forgery	CVE-2022-38137	8.8	Muhammad Daffa	September 29, 2022
Analytify – Google Analytics Dashboard For WordPress <= 4.2.2 - Authorization Bypass		6.5		August 22, 2022
Analytify <= 4.2.0 - Reflected Cross-Site Scripting		6.1	WPScanTeam	June 20, 2022

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation