cbcvebase.

Urosevic Stock Ticker vulnerabilities

4 known vulnerabilities affecting urosevic/stock_ticker.

Total CVEs
4
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM4

Vulnerabilities

Page 1 of 1
CVE-2022-45365P3MEDIUMCVSS 6.1PoC≤ 3.23.22023-12-14
CVE-2022-45365 [MEDIUM] CWE-79 CVE-2022-45365: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aleksandar Urošević Stock Ticker allows Reflected XSS.This issue affects Stock Ticker: from n/a through 3.23.2.
nvd
CVE-2023-40208P3MEDIUMCVSS 6.1PoCfixed in 3.23.42023-09-04
CVE-2023-40208 [MEDIUM] CWE-79 CVE-2023-40208: Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Aleksandar Urošević Stock Ticker plugi Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Aleksandar Urošević Stock Ticker plugin <= 3.23.3 versions.
nvd
CVE-2023-51541P4MEDIUMCVSS 5.4≤ 3.23.42023-12-29
CVE-2023-51541 [MEDIUM] CWE-79 CVE-2023-51541: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aleksandar Urošević Stock Ticker allows Stored XSS.This issue affects Stock Ticker: from n/a through 3.23.4.
nvd
CVE-2024-6363P4MEDIUMCVSS 5.4fixed in 3.24.62024-06-29
CVE-2024-6363 [MEDIUM] CWE-79 CVE-2024-6363: The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stock_ticker shortcode in all versions up to, and including, 3.24.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inj
nvd
Urosevic Stock Ticker vulnerabilities | cvebase