19 matches found
CVE-2026-2722
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.26.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions a...
EUVD-2026-10104
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.26.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions a...
CVE-2026-2722
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.26.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions a...
CVE-2026-2722 Stock Ticker <= 3.26.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Template
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.26.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions a...
CVE-2026-2722
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.26.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions a...
CVE-2026-2722 Stock Ticker <= 3.26.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Template
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.26.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions a...
CVE-2026-2722
The CVE-2026-2722 entry refers to the WordPress Stock Ticker plugin (versions up to and including 3.26.1) being vulnerable to Stored Cross-Site Scripting via admin settings/Templates, exploitable by authenticated administrators (and higher) on multi-site setups where unfiltered_html is disabled. ...
WordPress Stock Ticker plugin <= 3.26.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Template vulnerability
Authenticated Administrator+ Stored Cross-Site Scripting via Template vulnerability discovered by WordFence in WordPress Plugin Stock Ticker versions = 3.26.1...
PT-2026-23819
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.26.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions a...
CVE-2023-40208
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Aleksandar Urošević Stock Ticker plugin = 3.23.3 versions...
EUVD-2023-44805
Malicious code in bioql PyPI...
WordPress plugin Stock Ticker security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Plugin Stock Ticker Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
WordPress Plugin Stock Ticker Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
CVE-2023-40208
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Aleksandar Urošević Stock Ticker plugin = 3.23.3 versions...
CVE-2023-40208
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Aleksandar Urošević Stock Ticker plugin = 3.23.3 versions...
CVE-2023-40208
CVE-2023-40208 concerns the WordPress Stock Ticker plugin. Connected sources describe a Reflected Cross-Site Scripting (XSS) vulnerability in the ajax_stockticker_load function for versions up to and including 3.23.3, caused by insufficient input sanitization and output escaping. Exploitation is ...
PT-2023-27326 · Unknown · Aleksandar Urošević Stock Ticker
Name of the Vulnerable Software and Affected Versions: Aleksandar Urošević Stock Ticker plugin versions = 3.23.3 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This type of vulnerability allows an attacker to inject malicious scripts into a...
WordPress Stock Ticker Plugin <= 3.23.0 is vulnerable to Broken Access Control
Software Stock Ticker Type Plugin Vulnerable versions = 3.23.0 Fixed in 3.23.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-27626 Patch priority Low CVSS severity Low 5.3 Developer Aleksandar Urošević PSID d29a0ed66689 Credits Mika Required privilege...