A security problem was found on March 18th in the popular plugin Google Analytics by Yoast. This plugin has been downloaded nearly 7 million times according to statistics at the Yoast website.
There were no reports of hacks using the security loophole, and Yoast responded quickly and got a fixed update ready for release on March 19th.
More information on the security issue from a few sources:
- ZDNet – Security flaw in WordPress plugin Google Analytics by Yoast exposed
- Threatpost – Yoast Google Analytics Plugin Patches XSS Vulnerability
If you’re a WP Minder client and use this plugin, don’t worry – you’ve already been updated.