CVE-2026-48839

Name of the Vulnerable Software and Affected Versions VeronaLabs WP Statistics versions prior to 14.16.6

Description Improper neutralization of input during web page generation allows for DOM-Based Cross-Site Scripting (XSS), a flaw where the application contains client-side JavaScript that processes data from an untrusted source in an unsafe way, typically updating the Document Object Model (DOM).

Recommendations Update to a version later than 14.16.6.