'Google Analytics by Yoast' WordPress Plugin Patches Critical Vulnerability
Mar 21, 2015
Another popular WordPress plugin by Yoast has been found to be vulnerable to a critical flaw that could be exploited by hackers to hijack the affected website. The critical vulnerability actually resides in the highly popular Google Analytics by Yoast plugin, which allows WordPress admins to monitor website traffic by connecting the plugin to their Google Analytics account. The Google Analytics by Yoast WordPress plugin has been downloaded nearly 7 Million times with more than 1 million active installs, which makes the issue rather more serious. A week back, we reported that all the versions of ' WordPress SEO by Yoast ' was vulnerable to Blind SQL Injection web application vulnerability that allowed an attacker to execute arbitrary payload on the victim WordPress site in order to take control of it. However, the Google Analytics by Yoast plugin is vulnerable to persistent cross-site scripting (XSS) vulnerability that allows hackers to execute malicious PHP code on the server, whic...
