Vulnerabilities > Yoast > Google Analytics > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-12-02 | CVE-2014-9174 | Cross-Site Scripting vulnerability in Yoast Google Analytics 5.1/5.1.1 Cross-site scripting (XSS) vulnerability in the Google Analytics by Yoast (google-analytics-for-wordpress) plugin before 5.1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "Manually enter your UA code" (manual_ua_code_field) field in the General Settings. | 4.3 |