CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51541 – WordPress Stock Ticker Plugin <= 3.23.4 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-51541
27 Dec 2023 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aleksandar Urošević Stock Ticker allows Stored XSS.This issue affects Stock Ticker: from n/a through 3.23.4. La vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web ('Cross-site Scripting') en Aleksandar Uroševi? Stock Ticker permite XSS almacenado. Este problema afecta a Stock Ticker: desde n/a hasta 3.23.4. The Stock Ticker plugin for WordPress is vulnerable to St... • https://patchstack.com/database/vulnerability/stock-ticker/wordpress-stock-ticker-plugin-3-23-4-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-40208 – WordPress Stock Ticker Plugin <= 3.23.3 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-40208
11 Aug 2023 — Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Aleksandar Urošević Stock Ticker plugin <= 3.23.3 versions. Vulnerabilidad de Cross-Site Scripting (XSS) reflejado no autenticado en el plugin Stock Ticker de Aleksandar Uroševi? en versiones anteriores e incluyendo la 3.23.3. The Stock Ticker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in the ajax_stockticker_load function in versions up to, and including, 3.23.3 due to insufficient input sanitization and output escaping... • https://patchstack.com/database/vulnerability/stock-ticker/wordpress-stock-ticker-plugin-3-23-3-unauth-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45365 – WordPress Stock Ticker Plugin <= 3.23.2 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2022-45365
10 Aug 2023 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aleksandar Urošević Stock Ticker allows Reflected XSS.This issue affects Stock Ticker: from n/a through 3.23.2. Neutralización inadecuada de la entrada durante la vulnerabilidad de generación de páginas web ('cross-site Scripting') en Aleksandar Uroševi? Stock Ticker permite XSS reflejado. Este problema afecta a Stock Ticker: desde n/a hasta 3.23.2. The Stock Ticker plugin for WordPress is vulnerable to Ref... • https://patchstack.com/database/vulnerability/stock-ticker/wordpress-stock-ticker-plugin-3-23-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25987 – WordPress YouTube Channel Plugin <= 3.23.3 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-25987
23 Feb 2023 — Cross-Site Request Forgery (CSRF) vulnerability in Aleksandar Urošević My YouTube Channel plugin <= 3.23.3 versions. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento My YouTube Channel de Aleksandar Uroševi? en versiones <=3.23.3. The My YouTube Channel plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.23.3. This is due to missing or incorrect nonce validation on the clear_all_cache function. • https://patchstack.com/database/vulnerability/youtube-channel/wordpress-my-youtube-channel-plugin-3-23-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •