Site Kit Google Site Kit

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Google Site Kit.

By the Year

In 2024 there have been 0 vulnerabilities in Google Site Kit . Last year Site Kit had 1 security vulnerability published. Right now, Site Kit is on track to have less security vulnerabilities in 2024 than it did last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 1 4.30
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Site Kit vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Google Site Kit Security Vulnerabilities

The Site Kit by Google plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions up to, and including, 1.8.0 This is due to the lack of capability checks on the admin_enqueue_scripts action

CVE-2020-8934 4.3 - Medium - July 07, 2023

The Site Kit by Google plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions up to, and including, 1.8.0 This is due to the lack of capability checks on the admin_enqueue_scripts action which displays the connection key. This makes it possible for authenticated attackers with any level of access obtaining owner access to a site in the Google Search Console. We recommend upgrading to V1.8.1 or above.

Unchecked Return Value

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Google Site Kit or by Google? Click the Watch button to subscribe.

Google
Vendor

subscribe