Cross-site Scripting Vulnerability in Analytics Germanized for Google Analytics by PascalBajorat
CVE-2025-64292

Currently unrated

Key Information:

Vendor

WordPress
Status
Analytics Germanized For Google Analytics
Vendor
CVE Published:
13 November 2025

What is CVE-2025-64292?

A Cross-site Scripting (XSS) vulnerability exists in the Analytics Germanized for Google Analytics plugin developed by PascalBajorat, affecting versions up to and including 1.6.2. This vulnerability allows attackers to inject malicious scripts into web pages viewed by users, potentially leading to unauthorized access to sensitive information or further exploitations of the user's session. It is essential for users of this plugin to update to the latest version to mitigate potential security risks.

Affected Version(s)

Analytics Germanized for Google Analytics <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/ga-g...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

zaim | Patchstack Bug Bounty Program
JSON
.
CVE-2025-64292 : Cross-site Scripting Vulnerability in Analytics Germanized for Google Analytics by PascalBajorat