diff --git a/CHANGELOG.md b/CHANGELOG.md index d37a059..8340494 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,11 @@ All notable changes to **Device Detector** are documented in this *changelog*. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and **Device Detector** adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [4.2.1] - 2024-12-11 + +### Fixed +- [SEC005] XSS vulnerability. + ## [4.2.0] - 2024-11-22 ### Added diff --git a/device-detector.php b/device-detector.php index 30fa299..c102f50 100644 --- a/device-detector.php +++ b/device-detector.php @@ -10,7 +10,7 @@ * Plugin Name: Device Detector * Plugin URI: https://perfops.one/device-detector * Description: Full featured analytics reporting and management tool that detects all devices accessing your WordPress site. - * Version: 4.2.0 + * Version: 4.2.1 * Requires at least: 6.2 * Requires PHP: 8.1 * Author: Pierre Lannoy / PerfOps One diff --git a/includes/features/class-analyticsfactory.php b/includes/features/class-analyticsfactory.php index d02ced1..608cf97 100644 --- a/includes/features/class-analyticsfactory.php +++ b/includes/features/class-analyticsfactory.php @@ -71,6 +71,7 @@ public static function get_analytics( $reload = false ) { if ( empty( $id ) ) { $id = ''; } + $id = sanitize_key( $id ); if ( ! ( $extended = filter_input( INPUT_GET, 'extended' ) ) ) { $extended = filter_input( INPUT_POST, 'extended' ); } diff --git a/init.php b/init.php index dae21e6..715faea 100644 --- a/init.php +++ b/init.php @@ -12,7 +12,7 @@ define( 'PODD_PRODUCT_SHORTNAME', 'Device Detector' ); define( 'PODD_PRODUCT_ABBREVIATION', 'podd' ); define( 'PODD_SLUG', 'device-detector' ); -define( 'PODD_VERSION', '4.2.0' ); +define( 'PODD_VERSION', '4.2.1' ); define( 'PODD_API_VERSION', '3' ); define( 'PODD_CODENAME', '"-"' ); diff --git a/readme.txt b/readme.txt index fdd5b4a..0116110 100755 --- a/readme.txt +++ b/readme.txt 
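Review bot: The `extended` value read immediately after the new `$id = sanitize_key( $id );` line still comes from `filter_input()` with the default, unfiltering filter, so if it reaches markup the way `id` presumably did, the same reflected-XSS class remains open; the sink is outside this hunk, so this needs confirming. Input-side `sanitize_key()` also lowercases the value and strips every character outside `a-z0-9_-`, which silently alters any `id` that legitimately carries other characters, and it leaves the printing code unescaped for any other source of that value. I would keep the new line but also escape where the values are emitted (`esc_attr()`, `esc_html()` or `esc_url()` according to context) and record the intent here with a comment such as `// Request-controlled: constrained to the key charset here, still escaped at output.`. `get_analytics()` begins and ends outside the hunk, so the other request parameters it reads could not be checked from this diff.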
@@ -4,7 +4,7 @@ Tags: bot, detection, detector, device, mobile Requires at least: 6.2 Requires PHP: 8.1 Tested up to: 6.7 -Stable tag: 4.2.0 +Stable tag: 4.2.1 License: GPLv3 License URI: https://www.gnu.org/licenses/gpl-3.0.html