Google Analytics Dashboard WordPress Plugin Cross-Site Scripting Vulnerability

Vulnerability

A cross-site scripting vulnerability has been identified in the Google Analytics Dashboard WordPress Plugin, specifically in version 2.1.1. This vulnerability allows remote attackers to inject malicious scripts, which could be executed in the context of the user's browser. Exploitation requires tricking a logged-in WordPress Administrator into visiting a malicious website.

Impact

Exploitation of this vulnerability could lead to cross-site scripting, allowing attackers to steal session tokens from Administrators or perform actions on their behalf.

Added: May 15, 2026, 12:24 PM

Updated: May 15, 2026, 12:24 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.9

exploitability

7.5

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.9

exploitability

7.5

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Google Analytics Dashboard WordPress Plugin Cross-Site Scripting Vulnerability

Vulnerability

Impact

Affected Products

Google Analytics Dashboard

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating