CVE-2026-3570

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions Smarter Analytics plugin for WordPress versions prior to 2.1

Description The Smarter Analytics plugin for WordPress is susceptible to unauthorized access due to missing authentication and capability checks on the configuration reset functionality within the smarter-analytics.php file. This allows unauthenticated attackers to reset all plugin configurations and delete per-page/per-post analytics settings by manipulating the reset parameter.

Recommendations Update to version 2.1 or later.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2026-3570

Affected Products

Smarter Analytics

CVE-2026-3570

Weakness Enumeration

Related Identifiers

Affected Products

References · 6