Google Analytics by Yoast 5.3.3

Google Analytics by Yoast was updated to version 5.3.3, from version 5.3.2. Changelog:

  • Fix minor XSS issue where admins could XSS each other through an unescaped manual UA field.
  • Fix stored XSS issue where changing a property’s name in Google Analytics to contain malicious JS would allow execution of that JS in the admin as the profile name was not escaped properly.
  • Fix un-authenticated change of the GA profile list, allowing the previous XSS to become a slightly bigger issue.
  • Small code style improvements.
  • Throw an error and deactivate if either the PHP SPL or PHP filter libraries aren’t loaded.
  • Introduced a filter yst_ga_track_super_admin to allow disabling of super admin tracking on multi-site, defaulting to true.