CVE-2017-18556
The CVE pertains to the WordPress plugin bws-google-analytics (pre-1.7.1). The connected Nuclei template confirms multiple XSS flaws in the plugin before 1.7.1, enabling authenticated attackers to inject and execute arbitrary JavaScript in victims’ browsers (potential cookie/credentials leakage a...