Skip to main content

4Analytics CVE-2026-58077

| EUVDEUVD-2026-44602 HIGH
Cross-site Scripting (XSS) (CWE-79)
2026-07-15 Joomla GHSA-xh64-rxr5-8ggh
8.7
CVSS 4.0 · Vendor: Joomla
Share

Severity by source

Vendor (Joomla) PRIMARY
8.7 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
9.6 CRITICAL

Unauthenticated network stored XSS (AV:N/AC:L/PR:N) needs a victim admin to view the payload (UI:R), and script executing in the admin's context crosses into the Joomla site (S:C) enabling takeover-level C/I/A impact.

3.1 AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (Joomla).

CVSS VectorVendor: Joomla

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
P
Scope
X

Lifecycle Timeline

2
Analysis Generated
Jul 15, 2026 - 09:45 vuln.today
CVE Published
Jul 15, 2026 - 09:01 cve.org
HIGH 8.7

DescriptionCVE.org

The Joomla extension 4Analytics is vulnerable to an unauthenticated stored XSS. A specially crafted unauthenticated request may result in website takeover under some circumstances.

AnalysisAI

Unauthenticated stored cross-site scripting in the 4Analytics analytics extension for Joomla (by weeblr.com) lets a remote attacker inject persistent JavaScript through a specially crafted request, with no login required. Because the payload is stored and later rendered in a privileged context, it can escalate to full website takeover under some conditions. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Recon
Reach unauthenticated 4Analytics ingest endpoint
Delivery
Submit request with crafted XSS payload
Exploit
Payload stored in analytics data
Install
Admin opens 4Analytics dashboard
C2
Script executes in admin session
Execute
Steal session/perform admin actions
Impact
Achieve website takeover

Vulnerability AssessmentAI

Exploitation Exploitation requires that the target Joomla site has the 4Analytics extension installed and actively collecting data, and that the attacker can reach the unauthenticated request path the extension uses to store visitor/analytics input - no attacker credentials are needed (PR:N). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The signals point to a genuinely high-priority issue, though not a confirmed mass-exploitation event. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An unauthenticated attacker sends a crafted request to a Joomla site running 4Analytics, embedding malicious JavaScript into a field the extension stores (such as a tracked analytics parameter). When a Joomla administrator later opens the 4Analytics dashboard, the stored script executes in their authenticated session, allowing session/token theft or administrative actions that can lead to full site takeover. …
Remediation No vendor-released patch version was identified at time of analysis, and no advisory URL beyond the product page (https://weeblr.com/joomla-seo/4analytics-private-analytics-for-joomla) was provided, so administrators should monitor weeblr.com for an updated 4Analytics release and apply it as soon as it ships. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all Joomla installations using the 4Analytics extension by weeblr.com and immediately disable or remove the extension. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-58077 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy