CVE-2022-1961: 
WordPress vulnerability analysis and mitigation

The Google Tag Manager for WordPress (GTM4WP) plugin contained a Stored Cross-Site Scripting vulnerability (CVE-2022-1961) discovered in versions up to and including 1.15.1. The vulnerability was identified in the ~/public/frontend.php file, specifically related to insufficient escaping of the gtm4wp-options[scroller-contentid] parameter (NVD, WPScan).

The vulnerability exists due to improper escaping of the Content Element ID settings in the scroll tracking functionality. The issue specifically occurs in the public/frontend.php file at line 717, where the gtm4wp-options[scroller-contentid] parameter is not properly sanitized before being output into JavaScript code (GitHub Exploit). The vulnerability has been assigned a CVSS v3.1 Base Score of 4.8 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N (NVD).

The vulnerability affects multi-site installations where unfilteredhtml is disabled for administrators, and sites where unfilteredhtml is disabled. When exploited, it allows attackers with administrative user access to inject arbitrary web scripts into the website (NVD).

The vulnerability was patched in version 1.15.2 of the plugin. The fix involves properly escaping the content ID parameter using the esc_js() function. Site administrators should update to version 1.15.2 or later to protect against this vulnerability (WordPress Plugin).