The plugin does not sanitise or escape the ‘ga_action’ parameter in the stats view before outputting it back in an attribute when the plugin is connected to a Google Analytics account, leading to a reflected Cross-Site Scripting issue which will be executed in the context of a logged in administrator
Plugin needs to be connected to Google Analytics account. https://example.com/wp-admin/admin.php?page=googleanalytics&ga;_action="><img+src%3Dx+onerror%3Dalert(document.domain)>
CPE | Name | Operator | Version |
---|---|---|---|
googleanalytics | lt | 2.5.2 |