XSS vulnerability | WordPress.org

Resolved T
(@tenleftfingers)

8 years, 10 months ago

I found this article on an XSS vulnerability found in version 2.1.1 (so very old) of this plugin. It’s still marked as unresolved. Is the article just not maintained or does this issue still exist in the current version?

https://sumofpwn.nl/advisory/2016/cross_site_scripting_in_google_analytics_dashboard_wordpress_plugin.html
https://wpvulndb.com/vulnerabilities/8747

Viewing 3 replies - 1 through 3 (of 3 total)

Alin Marcu
(@deconf)

8 years, 10 months ago

Hi,

That’s a different plugin, and it was already discussed and clarified here: https://wordpress.org/support/topic/publicly-reported-xss-vulnerability-whats-the-status-of-the-plugin/.

This plugin is called Google Analytics Dashboard for WP (aka GADWP), with the slug google-analytics-dashboard-for-wp.

Thread Starter T
(@tenleftfingers)

8 years, 10 months ago

Apologies for the confusion, Alin.

Alin Marcu
(@deconf)

8 years, 10 months ago

No worries!

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘XSS vulnerability’ is closed to new replies.

Tags

xss

3 replies
2 participants
Last reply from: Alin Marcu
Last activity: 8 years, 10 months ago
Status: resolved