WordPress Plugin Vulnerabilities

Google Analytics by Monster Insights < 7.2.0 - Authenticated Stored Cross-Site Scripting (XSS)

Description

The Google Analytics Dashboard Plugin for WordPress by MonsterInsights WordPress plugin was affected by an Authenticated Stored Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
google-analytics-for-wordpress
Fixed in 7.2.0

References

URL
https://www.ripstech.com/php-security-calendar-2018/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher
RIPS Technologies
Submitter
Ryan Dewhurst
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
3908c05c-d196-4266-bbd4-2a9c77f0c2a5

Timeline

Publicly Published
2018-12-02 (about 7 years ago)
Added
2018-12-06 (about 7 years ago)
Last Updated
2019-11-01 (about 6 years ago)

Other

Published
Title
Published
2022-12-15
Title
Sunshine Photo Cart < 2.9.15 - Reflected XSS
Published
2025-01-16
Title
Feedburner Optin Form <= 0.2.8 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2015-08-10
Title
The Holiday Calendar <= 1.11.2 - Cross-Site Scripting (XSS)
Published
2024-10-16
Title
Wp-ImageZoom <= 1.1.0 - Reflected XSS
Published
2025-09-05
Title
Master Paper Collapse Toggle <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting