79 matches found
CVE-2024-3648 ShareThis Share Buttons <= 2.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via sharethis-inline-buttons Shortcode
The ShareThis Share Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sharethis-inline-button' shortcode in all versions up to, and including, 2.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
WordPress ShareThis Share Buttons Plugin <= 2.3.0 is vulnerable to Cross Site Scripting (XSS)
Software ShareThis Share Buttons Type Plugin Vulnerable versions = 2.3.0 Fixed in 2.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3648 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b8b942c804f7 Credits Krzysztof Zając...
PT-2024-27021 · Sharethis · Sharethis Share Buttons
Name of the Vulnerable Software and Affected Versions: ShareThis Share Buttons plugin for WordPress versions up to, and including, 2.3.0 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the 'sharethis-inline-button' shortcode...
WordPress plugin ShareThis Share Buttons 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in WordPre...
ShareThis Share Buttons < 2.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via sharethis-inline-buttons Shortcode
Description The ShareThis Share Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sharethis-inline-button' shortcode in all versions up to, and including, 2.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This...
CVE-2022-45851
Missing Authorization vulnerability in ShareThis ShareThis Dashboard for Google Analytics.This issue affects ShareThis Dashboard for Google Analytics: from n/a through 3.1.4...
CVE-2022-45851
CVE-2022-45851 affects the WordPress ShareThis Dashboard for Google Analytics plugin up to version 3.1.4. The issue is described as a Missing Authorization (Broken Access Control) vulnerability. The connected sources indicate no patched version is available for versions through 3.1.4 (Patchstack ...
CVE-2022-45851 WordPress ShareThis Dashboard for Google Analytics plugin <= 3.1.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in ShareThis ShareThis Dashboard for Google Analytics.This issue affects ShareThis Dashboard for Google Analytics: from n/a through 3.1.4...
WordPress Plugin ShareThis Dashboard for Google Analytics 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
PT-2024-11726 · Sharethis · Sharethis Dashboard For Google Analytics
Name of the Vulnerable Software and Affected Versions: ShareThis Dashboard for Google Analytics versions through 3.1.4 Description: The issue is related to a Missing Authorization vulnerability. There is no information provided about the estimated number of potentially affected devices worldwide ...
WordPress ShareThis Dashboard for Google Analytics plugin <= 3.1.2 - Broken Access Control vulnerability
Broken Access Control vulnerability leading to plugin settings reset discovered by Dave Jong Patchstack in WordPress ShareThis Dashboard for Google Analytics plugin versions = 3.1.2. Solution No patched version available...
WordPress ShareThis Dashboard for Google Analytics Plugin < 2.5.2 XSS Vulnerability
The WordPress plugin Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...
CVE-2021-24438
The ShareThis Dashboard for Google Analytics WordPress plugin before 2.5.2 does not sanitise or escape the 'gaaction' parameter in the stats view before outputting it back in an attribute when the plugin is connected to a Google Analytics account, leading to a reflected Cross-Site Scripting issue...
CVE-2021-24438
The ShareThis Dashboard for Google Analytics WordPress plugin before 2.5.2 does not sanitise or escape the 'gaaction' parameter in the stats view before outputting it back in an attribute when the plugin is connected to a Google Analytics account, leading to a reflected Cross-Site Scripting issue...
Cross site scripting
The ShareThis Dashboard for Google Analytics WordPress plugin before 2.5.2 does not sanitise or escape the 'gaaction' parameter in the stats view before outputting it back in an attribute when the plugin is connected to a Google Analytics account, leading to a reflected Cross-Site Scripting issue...
CVE-2021-24438
The CVE concerns the WordPress plugin “ShareThis Dashboard for Google Analytics” (vulnerable:
CVE-2021-24438 ShareThis Dashboard for Google Analytics < 2.5.2 - Reflected Cross-Site Scripting (XSS)
The ShareThis Dashboard for Google Analytics WordPress plugin before 2.5.2 does not sanitise or escape the 'gaaction' parameter in the stats view before outputting it back in an attribute when the plugin is connected to a Google Analytics account, leading to a reflected Cross-Site Scripting issue...
ShareThis Dashboard for Google Analytics < 2.5.2 - Reflected Cross-Site Scripting (XSS)
The plugin does not sanitise or escape the 'gaaction' parameter in the stats view before outputting it back in an attribute when the plugin is connected to a Google Analytics account, leading to a reflected Cross-Site Scripting issue which will be executed in the context of a logged in...
ShareThis Dashboard for Google Analytics < 2.5.2 - Reflected Cross-Site Scripting (XSS)
The plugin does not sanitise or escape the 'gaaction' parameter in the stats view before outputting it back in an attribute when the plugin is connected to a Google Analytics account, leading to a reflected Cross-Site Scripting issue which will be executed in the context of a logged in...
ShareThis 7.0.3 - Setting Manipulation CSRF
The share-this WordPress plugin was affected by a Setting Manipulation CSRF security vulnerability...