Skip to main content

Google Tag Manager

2 CVEs product

Monthly

CVE-2022-1961 MEDIUM POC PATCH This Month

The Google Tag Manager for WordPress (GTM4WP) plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the `gtm4wp-options[scroller-contentid]` parameter found in the. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Google WordPress PHP XSS Google Tag Manager
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.6%
CVE-2022-1707 MEDIUM This Month

The Google Tag Manager for WordPress plugin for WordPress is vulnerable to reflected Cross-Site Scripting via the s parameter due to the site search populating into the data layer of sites with. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 16.2% and no vendor patch available.

Google WordPress PHP XSS Google Tag Manager
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
16.2%
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

The Google Tag Manager for WordPress (GTM4WP) plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the `gtm4wp-options[scroller-contentid]` parameter found in the. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Google WordPress PHP +2
NVD GitHub VulDB
EPSS 16% CVSS 6.1
MEDIUM This Month

The Google Tag Manager for WordPress plugin for WordPress is vulnerable to reflected Cross-Site Scripting via the s parameter due to the site search populating into the data layer of sites with. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 16.2% and no vendor patch available.

Google WordPress PHP +2
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy