WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Google Analytics by Yoast <= 5.3.3 - Unauthenticated Cross-Site Scripting (XSS)

Description

The Google Analytics Dashboard Plugin for WordPress by MonsterInsights WordPress plugin was affected by an Unauthenticated Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

google-analytics-for-wordpress
Fixed in version 5.4

References

URL
https://yoast.com/coordinated-security-release/
URL
https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html
URL
https://klikki.fi/adv/yoast_analytics2.html

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter

ethicalhack3r

Submitter twitter
ethicalhack3r
Verified

No

WPVDB ID
bb82c140-9f0d-458f-a157-a73297099785

Timeline

Publicly Published

2015-04-20 (about 7 years ago)

Added

2015-04-20 (about 7 years ago)

Last Updated

2019-10-21 (about 3 years ago)

Our Other Services

WPScan WordPress Security Plugin