CVE-2025-12540
- EPSS 0.05%
- Veröffentlicht 07.01.2026 08:21:52
- Zuletzt bearbeitet 08.01.2026 18:09:23
The ShareThis Dashboard for Google Analytics plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.4. This is due to the Google Analytics client_ID and client_secret being stored in plaintext i...
CVE-2025-32282
- EPSS 0.08%
- Veröffentlicht 10.04.2025 08:15:21
- Zuletzt bearbeitet 11.04.2025 15:39:52
Cross-Site Request Forgery (CSRF) vulnerability in ShareThis ShareThis Dashboard for Google Analytics. This issue affects ShareThis Dashboard for Google Analytics: from n/a through 3.2.2.
CVE-2025-1507
- EPSS 0.28%
- Veröffentlicht 14.03.2025 09:15:14
- Zuletzt bearbeitet 27.03.2025 01:35:44
The ShareThis Dashboard for Google Analytics plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handle_actions() function in all versions up to, and including, 3.2.1. This makes it possibl...
CVE-2022-45851
- EPSS 0.05%
- Veröffentlicht 25.03.2024 12:15:09
- Zuletzt bearbeitet 21.11.2024 07:29:50
Missing Authorization vulnerability in ShareThis ShareThis Dashboard for Google Analytics.This issue affects ShareThis Dashboard for Google Analytics: from n/a through 3.1.4.
CVE-2021-24438
- EPSS 0.19%
- Veröffentlicht 30.08.2021 15:15:07
- Zuletzt bearbeitet 21.11.2024 05:53:04
The ShareThis Dashboard for Google Analytics WordPress plugin before 2.5.2 does not sanitise or escape the 'ga_action' parameter in the stats view before outputting it back in an attribute when the plugin is connected to a Google Analytics account, l...