WordPress plugin GA4WP: Google Analytics for WordPress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin GA4WP...

PT-2026-2194

Name of the Vulnerable Software and Affected Versions GA4WP: Google Analytics for WordPress versions through 2.10.0 Description A missing authorization issue exists in Passionate Brains GA4WP: Google Analytics for WordPress, allowing exploitation of incorrectly configured access control security...

WordPress GA4WP: Google Analytics for WordPress plugin <= 2.10.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin GA4WP: Google Analytics for WordPress versions = 2.10.0...

CVE-2025-12540

The ShareThis Dashboard for Google Analytics plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.4. This is due to the Google Analytics clientID and clientsecret being stored in plaintext in the publicly visible plugin source. This can...

CVE-2025-1245

Bypass Connection Restriction vulnerability in Hitachi Infrastructure Analytics Advisor Data Center Analytics component, Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view component.This issue affects Hitachi Infrastructure Analytics Advisor:; Hitachi Ops Center Analyzer: from...

CVE-2025-1507

The ShareThis Dashboard for Google Analytics plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handleactions function in all versions up to, and including, 3.2.1. This makes it possible for unauthenticated attackers to disable all...

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by CSRF Token Replay Attack

Summary IBM Operations Analytics – Log Analysis uses CSRF tokens to prevent unauthorised actions from being performed by an attacker on behalf of an authenticated user. CVE-2024-40685. Vulnerability Details CVEID:CVE-2024-40685 DESCRIPTION: IBM SmartCloud Analytics - Log Analysis is vulnerable to...

CVE-2025-12540

CVE-2025-12540 affects the ShareThis Dashboard for Google Analytics WordPress plugin (affected

CVE-2025-12540 ShareThis Dashboard for Google Analytics <= 3.2.4 - Unauthenticated Google Analytics Data Exposure

The ShareThis Dashboard for Google Analytics plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.4. This is due to the Google Analytics clientID and clientsecret being stored in plaintext in the publicly visible plugin source. This can...

CVE-2025-12540 ShareThis Dashboard for Google Analytics <= 3.2.4 - Unauthenticated Google Analytics Data Exposure

The ShareThis Dashboard for Google Analytics plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.4. This is due to the Google Analytics clientID and clientsecret being stored in plaintext in the publicly visible plugin source. This can...

WordPress plugin ShareThis Dashboard for Google Analytics 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information...

PT-2026-1586

Name of the Vulnerable Software and Affected Versions ShareThis Dashboard for Google Analytics plugin for WordPress versions through 3.2.4 Description The plugin is susceptible to Sensitive Information Exposure. The Google Analytics client ID and client secret are stored in plaintext within the...

WordPress ShareThis Dashboard for Google Analytics plugin <= 3.2.4 - Unauthenticated Google Analytics Data Exposure vulnerability

Unauthenticated Google Analytics Data Exposure vulnerability discovered by ifoundbug in WordPress Plugin ShareThis Dashboard for Google Analytics versions = 3.2.4...

Security Bulletin: Due to use of servlet feature in IBM WebSphere Application Server Liberty, IBM Operations Analytics - Log Analysis is affected by a security bypass vulnerability

Summary servlet feature in IBM WebSphere Application Server Liberty is used by IBM Operations Analytics - Log Analysis as part of HTTP Servlets support. CVE-2024-56339. Vulnerability Details CVEID:CVE-2024-56339 DESCRIPTION: IBM WebSphere Application Server 9.0 and WebSphere Application Server...

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by incorrect validation of integrity check due to OpenSSH

Summary OpenSSH is used by IBM Operations Analytics - Log Analysis as part of implementations of SSH servers and clients. CVE-2023-48795. Vulnerability Details CVEID:CVE-2023-48795 DESCRIPTION: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other...

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by SMTP injection due to Jakarta Mail in IBM WebSphere Application Server Liberty

Summary Jakarta Mail in IBM WebSphere Application Server Liberty is used by IBM Operations Analytics - Log Analysis as part of sending and receiving emails. CVE-2025-7962. Vulnerability Details CVEID:CVE-2025-7962 DESCRIPTION: In Jakarta Mail 2.0.2 it is possible to preform a SMTP Injection by...

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by incorrect authorisation and XML external entity (XXE) vulnerabilities due to Apache Solr.

Summary Apache Solr is used by IBM Operations Analytics - Log Analysis as part of managing Solr collection and arbitary local file. CVE-2018-11802, CVE-2018-1308. Vulnerability Details CVEID:CVE-2018-11802 DESCRIPTION: In Apache Solr, the cluster can be partitioned into multiple collections and...

Malicious code in wikibuy-mobile-analytics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e240a0c7b0f1e6f0ce72c097409a543c14de0b3231f000ef7d37c8d61b0e1ad8 The package wikibuy-mobile-analytics was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview wikibuy-mobile-analytics is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

MAL-2026-83 Malicious code in wikibuy-mobile-analytics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e240a0c7b0f1e6f0ce72c097409a543c14de0b3231f000ef7d37c8d61b0e1ad8 The package wikibuy-mobile-analytics was found to contain malicious code. Source: ghsa-malware...