Unauthenticated Stored XSS in Joomla Extension Affects 4Analytics by Weeblr
CVE-2026-57833

8.6HIGH

Key Information:

Vendor

Weeblr.com

Vendor
CVE Published:
15 July 2026

What is CVE-2026-57833?

The 4Analytics extension for Joomla is susceptible to an unauthenticated stored XSS vulnerability linked to its AI analysis feature. Attackers can exploit this flaw to inject malicious scripts that may be executed in the context of other users, potentially compromising their session or data integrity. Website administrators are strongly advised to update the extension promptly and implement security best practices to safeguard their sites.

Affected Version(s)

4Analytics extension for Joomla 1.0-5.0.1

References

CVSS V4

Score:
8.6
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Yannick Gaultier
.