Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Sharethis Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-36848 1 Sharethis 1 Social Media Feather 2022-04-15 3.5 LOW 4.8 MEDIUM
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Social Media Feather (WordPress plugin) versions <= 2.0.4
CVE-2021-24438 1 Sharethis 1 Dashboard For Google Analytics 2021-09-08 4.3 MEDIUM 6.1 MEDIUM
The ShareThis Dashboard for Google Analytics WordPress plugin before 2.5.2 does not sanitise or escape the 'ga_action' parameter in the stats view before outputting it back in an attribute when the plugin is connected to a Google Analytics account, leading to a reflected Cross-Site Scripting issue which will be executed in the context of a logged in administrator
CVE-2013-3479 2 Sharethis, Wordpress 2 Sharethis, Wordpress 2013-09-26 6.8 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability in the ShareThis plugin before 7.0.6 for WordPress allows remote attackers to hijack the authentication of administrators for requests that modify this plugin's settings.