Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Sharethis Subscribe
Filtered by product Dashboard For Google Analytics
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-24438 1 Sharethis 1 Dashboard For Google Analytics 2021-09-08 4.3 MEDIUM 6.1 MEDIUM
The ShareThis Dashboard for Google Analytics WordPress plugin before 2.5.2 does not sanitise or escape the 'ga_action' parameter in the stats view before outputting it back in an attribute when the plugin is connected to a Google Analytics account, leading to a reflected Cross-Site Scripting issue which will be executed in the context of a logged in administrator