216.73.217.86

CVE-2026-1992

· Published 11/03/2026 10:16 · Modified 11/03/2026 13:52

Labels: CVE-2026-1992 2026-03-11CVE-2026-1992CWE-639[email protected]

Essential information

Published
11/03/2026 10:16
Modified
11/03/2026 13:52
Author
Creator
CVSS
8.8 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

The ExactMetrics – Google Analytics Dashboard for WordPress plugin is vulnerable to Insecure Direct Object Reference in versions 8.6.0 through 9.0.2. This is due to the `store_settings()` method in the `ExactMetrics_Onboarding` class accepting a user-supplied `triggered_by` parameter that is used instead of the current user's ID to check permissions. This makes it possible for authenticated attackers with the `exactmetrics_save_settings` capability to bypass the `install_plugins` capability check by specifying an administrator's user ID in the `triggered_by` parameter, allowing them to install arbitrary plugins and achieve Remote Code Execution. This vulnerability only affects sites on which administrator has given other user types the permission to view reports and can only be exploited by users of that type.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
exactmetrics / google analytics dashboard for wordpress cpe:2.3:a:exactmetrics:google_analytics_dashboard_for_wordpress:8.6.0-9.0.2:*:*:*:*:*:wordpress:*:*

References