59 matches found
CVE-2026-2722
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.26.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions a...
EUVD-2026-10104
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.26.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions a...
CVE-2026-2722
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.26.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions a...
CVE-2026-2722 Stock Ticker <= 3.26.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Template
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.26.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions a...
CVE-2026-2722
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.26.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions a...
CVE-2026-2722 Stock Ticker <= 3.26.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Template
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.26.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions a...
CVE-2026-2722
The CVE-2026-2722 entry refers to the WordPress Stock Ticker plugin (versions up to and including 3.26.1) being vulnerable to Stored Cross-Site Scripting via admin settings/Templates, exploitable by authenticated administrators (and higher) on multi-site setups where unfiltered_html is disabled. ...
WordPress Stock Ticker plugin <= 3.26.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Template vulnerability
Authenticated Administrator+ Stored Cross-Site Scripting via Template vulnerability discovered by WordFence in WordPress Plugin Stock Ticker versions = 3.26.1...
PT-2026-23819
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.26.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions a...
WordPress plugin Stock Ticker 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
CVE-2023-40208
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Aleksandar Urošević Stock Ticker plugin = 3.23.3 versions...
EUVD-2023-56253
Malicious code in bioql PyPI...
EUVD-2023-31362
Malicious code in bioql PyPI...
EUVD-2024-47471
Malicious code in bioql PyPI...
EUVD-2023-44805
Malicious code in bioql PyPI...
CVE-2024-6363
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stockticker shortcode in all versions up to, and including, 3.24.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2023-51541
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aleksandar Urošević Stock Ticker allows Stored XSS.This issue affects Stock Ticker: from n/a through 3.23.4...
CVE-2023-27626
Missing Authorization vulnerability in Aleksandar Urošević Stock Ticker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stock Ticker: from n/a through 3.23.0...
CVE-2022-45365
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aleksandar Urošević Stock Ticker allows Reflected XSS.This issue affects Stock Ticker: from n/a through 3.23.2...
CVE-2023-27626
Missing Authorization vulnerability in Aleksandar Urošević Stock Ticker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stock Ticker: from n/a through 3.23.0...