The GTmetrix for WordPress plugin is vulnerable to a type of cyber attack called Reflected Cross-Site Scripting. In versions up to and including 0.4.6, the plugin does not properly protect against this type of attack. This means, if an attacker is able to trick someone into clicking on a link, they could inject malicious web scripts into a page, which could then be executed.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
