



The National Vulnerability Database has announced that a stored cross-site scripting (XSS) vulnerability has been discovered in the popular Google Analytics WordPress plugin, which has over 3 million installations.

Saved XSS

Cross-site scripting (XSS) attacks typically occur when the part of a website that accepts user input is insecure and allows unexpected input such as scripts and links.

Exploiting XSS vulnerabilities can result in unauthorized access to your website, leading to theft of user data or even takeover of your entire site.

The non-commercial Open Worldwide Application Security Project (OWASP) explains how XSS vulnerabilities work.

“An attacker could use XSS to submit malicious script to an unsuspecting user. The end user’s browser has no way of knowing that the script should not be trusted, and the script Run

Malicious scripts can access cookies, session tokens, or other sensitive information held by the browser and used by that site, as they believe the script is from a trusted source. “

Stored XSS is probably more malicious, where the malicious script is stored on the website server itself.

It was discovered that the plugin MonsterInsights – Google Analytics Dashboard for WordPress contains a stored XSS version vulnerability.

MonsterInsights – Google Analytics Dashboard for WordPress Vulnerabilities

The MonsterInsights Google Analytics plugin is installed on over 3 million websites, making this vulnerability even more concerning.

The WordPress security company Patchstack, which discovered the vulnerability, released the details as follows:

“Rafie Muhammad (Patchstack) discovered and reported a cross-site scripting (XSS) vulnerability in WordPress Google Analytics via the MonsterInsights plugin.

This could allow a malicious attacker to inject malicious scripts into your website, such as redirects, advertisements, or other HTML payloads that run when a guest visits your site.

This vulnerability has been fixed in version 8.14.1. “

The MonsterInsights plugin changelog in the WordPress plugin repository had a somewhat vague description of the security patch.

“Fix: Fixed PHP warning error and added security enhancements.”

“Security hardening” is a term that can be applied to many tasks related to reducing attack vectors, such as removing version numbers.

WordPress publishes an entire page on security hardening, recommending security hardening tasks such as regular database backups, getting themes and plugins from trusted sources, and using strong passwords.

All of these activities are security enhancements.

As such, the phrase “hardening” is a general and general term used for something as specific (and important) as patching XSS security vulnerabilities, and users May skip updating inn.

recommended action

Patchstack recommends that all users of the MonsterInsights Analytics plugin immediately update their WordPress plugin to the latest version, or at least version 8.14.1.

Read the US National Vulnerability Database announcement.

Details of CVE-2023-23999

Read the Patchstack announcement.

WordPress Google Analytics 8.14.0 and below by MonsterInsights plugin are vulnerable to cross-site scripting (XSS)

Sources 1/ https://Google.com/ 2/ https://www.searchenginejournal.com/monsterinsights-wordpress-plugin-vulnerability/487510/ The mention sources can contact us to remove/changing this article

What Are The Main Benefits Of Comparing Car Insurance Quotes Online

LOS ANGELES, CA / ACCESSWIRE / June 24, 2020, / Compare-autoinsurance.Org has launched a new blog post that presents the main benefits of comparing multiple car insurance quotes. For more info and free online quotes, please visit https://compare-autoinsurance.Org/the-advantages-of-comparing-prices-with-car-insurance-quotes-online/ The modern society has numerous technological advantages. One important advantage is the speed at which information is sent and received. With the help of the internet, the shopping habits of many persons have drastically changed. The car insurance industry hasn't remained untouched by these changes. On the internet, drivers can compare insurance prices and find out which sellers have the best offers. View photos The advantages of comparing online car insurance quotes are the following: Online quotes can be obtained from anywhere and at any time. Unlike physical insurance agencies, websites don't have a specific schedule and they are available at any time. Drivers that have busy working schedules, can compare quotes from anywhere and at any time, even at midnight. Multiple choices. Almost all insurance providers, no matter if they are well-known brands or just local insurers, have an online presence. Online quotes will allow policyholders the chance to discover multiple insurance companies and check their prices. Drivers are no longer required to get quotes from just a few known insurance companies. Also, local and regional insurers can provide lower insurance rates for the same services. Accurate insurance estimates. Online quotes can only be accurate if the customers provide accurate and real info about their car models and driving history. Lying about past driving incidents can make the price estimates to be lower, but when dealing with an insurance company lying to them is useless. Usually, insurance companies will do research about a potential customer before granting him coverage. Online quotes can be sorted easily. Although drivers are recommended to not choose a policy just based on its price, drivers can easily sort quotes by insurance price. Using brokerage websites will allow drivers to get quotes from multiple insurers, thus making the comparison faster and easier. For additional info, money-saving tips, and free car insurance quotes, visit https://compare-autoinsurance.Org/ Compare-autoinsurance.Org is an online provider of life, home, health, and auto insurance quotes. This website is unique because it does not simply stick to one kind of insurance provider, but brings the clients the best deals from many different online insurance carriers. In this way, clients have access to offers from multiple carriers all in one place: this website. On this site, customers have access to quotes for insurance plans from various agencies, such as local or nationwide agencies, brand names insurance companies, etc. "Online quotes can easily help drivers obtain better car insurance deals. All they have to do is to complete an online form with accurate and real info, then compare prices", said Russell Rabichev, Marketing Director of Internet Marketing Company. CONTACT: Company Name: Internet Marketing CompanyPerson for contact Name: Gurgu CPhone Number: (818) 359-3898Email: [email protected]: https://compare-autoinsurance.Org/ SOURCE: Compare-autoinsurance.Org View source version on accesswire.Com:https://www.Accesswire.Com/595055/What-Are-The-Main-Benefits-Of-Comparing-Car-Insurance-Quotes-Online View photos