CVE-2025-12540
Sensitive Information Exposure in ShareThis Dashboard for WordPress
Publication date: 2026-01-07
Last updated on: 2026-01-07
Assigner: Wordfence
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sharethis | dashboard_for_google_analytics | up to 3.2.4 (inclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the ShareThis Dashboard for Google Analytics WordPress plugin involves sensitive information exposure. Specifically, the Google Analytics client_ID and client_secret are stored in plaintext within the publicly visible plugin source. This allows unauthenticated attackers to craft a malicious link to the sharethis.com server that, if clicked by an administrator logged into both the website and Google Analytics, can share an authorization token with a malicious website, potentially compromising the Google Analytics account. [2]
How can this vulnerability impact me?
The vulnerability can lead to unauthorized access to your Google Analytics account by exposing sensitive OAuth client credentials. An attacker can trick an administrator into clicking a crafted link that shares an authorization token with a malicious site. This could result in unauthorized data access or manipulation within your Google Analytics, potentially compromising your website's analytics data and security. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by checking if the ShareThis Dashboard for Google Analytics plugin version is up to and including 3.2.4 and by searching for the presence of exposed client_ID and client_secret in the plugin source files. For example, you can run commands to search for the credentials.json file or the client secret strings in your WordPress plugin directory. A sample command to find the client secret in the plugin directory could be: `grep -r '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' /path/to/wordpress/wp-content/plugins/googleanalytics/`, or to find the credentials.json file: `find /path/to/wordpress/wp-content/plugins/googleanalytics/ -name 'credentials.json'`. These commands help identify if sensitive OAuth credentials are stored in plaintext and publicly accessible. [2]
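The version check and credential search described in the answer above, as an added shell script that is not part of the CVE record, the plugin, or the Wordfence advisory. It assumes the plugin lives in `wp-content/plugins/googleanalytics/` under the WordPress root (the path the answer uses), that the plugin's main PHP file carries the standard WordPress `Version:` header, and that a leaked Google OAuth client secret has the `GOCSPX-` prefix format (the sample string quoted in the answer does). It goes slightly beyond the answer: it compares the header version numerically against 3.2.4 instead of by eye, and it matches any secret of that format rather than the one quoted value. Everything it does is read-only.

```shell
#!/bin/sh
# Added example (not from the CVE record or the plugin): read-only check for the
# CVE-2025-12540 indicators. Assumptions: plugin directory is
# <wp-root>/wp-content/plugins/googleanalytics/, the main PHP file has a WordPress
# "Version:" header, and a leaked Google OAuth client secret starts with "GOCSPX-".

LAST_AFFECTED="3.2.4"   # affected range: all versions up to and including 3.2.4

# version_le A B: succeeds when dotted version A <= B (first three numeric fields)
version_le() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        split(a, x, "."); split(b, y, ".")
        for (i = 1; i <= 3; i++) {
            ai = x[i] + 0; bi = y[i] + 0   # missing fields count as 0
            if (ai < bi) exit 0
            if (ai > bi) exit 1
        }
        exit 0
    }'
}

# plugin_version DIR: prints the value of the first "Version:" header found in the
# plugin's top-level PHP files, or nothing if there is none
plugin_version() {
    grep -h -E '^[[:space:]]*\*?[[:space:]]*Version:' "$1"/*.php 2>/dev/null \
        | head -n 1 \
        | sed -E 's/^.*Version:[[:space:]]*//; s/[[:space:]]*$//'
}

# scan_plugin DIR: prints one line per indicator found:
#   VERSION  - header version is within the affected range
#   FILE     - a credentials.json file is present in the plugin tree
#   SECRET   - a file contains a GOCSPX- client-secret pattern
# Always exits 0; callers count the lines to decide.
scan_plugin() {
    dir="$1"
    [ -d "$dir" ] || return 0
    ver=$(plugin_version "$dir")
    if [ -n "$ver" ] && version_le "$ver" "$LAST_AFFECTED"; then
        echo "VERSION: $ver is within the affected range (<= $LAST_AFFECTED)"
    fi
    find "$dir" -type f -name 'credentials.json' 2>/dev/null \
        | sed 's/^/FILE: plaintext credential store at /'
    grep -rlE 'GOCSPX-[A-Za-z0-9_-]{10,}' "$dir" 2>/dev/null \
        | sed 's/^/SECRET: Google OAuth client secret pattern in /'
    return 0
}

# is_affected DIR: succeeds when scan_plugin reports at least one indicator
is_affected() {
    [ "$(scan_plugin "$1" | grep -c .)" -gt 0 ]
}

# Usage: sh check_sharethis_ga.sh /path/to/wordpress
if [ -n "${1:-}" ]; then
    plugin_dir="$1/wp-content/plugins/googleanalytics"
    scan_plugin "$plugin_dir"
    if is_affected "$plugin_dir"; then
        echo "Action: update the plugin past $LAST_AFFECTED and rotate the OAuth client credentials"
    fi
fi
```

A version in range is reported even when no credential file is found, because the exposure is in the shipped plugin source itself; conversely a credentials.json or GOCSPX- string on a patched install still warrants credential rotation, since the old secret may already have been copied.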
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the ShareThis Dashboard for Google Analytics plugin to a version later than 3.2.4 where this vulnerability is fixed, or if no update is available, removing or restricting access to the exposed credentials.json file and any plaintext client_ID and client_secret in the plugin source. Additionally, you should rotate the exposed Google Analytics OAuth client credentials to invalidate any potentially compromised tokens and prevent unauthorized access. Finally, educate administrators to avoid clicking suspicious links that could exploit this vulnerability. [2]