Lucene search
+L

284 matches found

Positive Technologies
Positive Technologies
added 2025/01/09 12:0 a.m.4 views

PT-2025-4721 · Elementor · News Ticker Widget For Elementor

Name of the Vulnerable Software and Affected Versions: News Ticker Widget for Elementor versions 1.3.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows stored XSS. This problem affects...

6.5CVSS6.6AI score0.00211EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/01/07 9:59 p.m.6 views

WordPress News Ticker Widget for Elementor plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin News Ticker Widget for Elementor versions = 1.3.2...

6.5CVSS6.1AI score0.00211EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/12/13 3:15 p.m.15 views

CVE-2024-54278

Missing Authorization vulnerability in Plugin Devs News Ticker for Elementor news-ticker-for-elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects News Ticker for Elementor: from n/a through = 2.1.3...

4.3CVSS0.00429EPSS
Exploits0References1
OSV
OSV
added 2024/12/13 3:15 p.m.4 views

CVE-2023-36681

Missing Authorization vulnerability in Cool Plugins Cryptocurrency Widgets – Price Ticker & Coins List allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency Widgets – Price Ticker & Coins List: from n/a through 2.6.2...

9.8CVSS5.8AI score0.00914EPSS
Exploits0References1
NVD
NVD
added 2024/12/13 3:15 p.m.56 views

CVE-2023-36681

Missing Authorization vulnerability in Cool Plugins Cryptocurrency Widgets – Price Ticker & Coins List allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency Widgets – Price Ticker & Coins List: from n/a through 2.6.2...

9.8CVSS0.00914EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/12/13 3:15 p.m.6 views

CVE-2023-36681

Missing Authorization vulnerability in CoolHappy Cryptocurrency Widgets – Price Ticker & Coins List cryptocurrency-price-ticker-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency Widgets – Price Ticker & Coins List: from n/a through =...

9.8CVSS5.8AI score0.00914EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/12/13 2:24 p.m.17 views

CVE-2024-54278 WordPress News Ticker for Elementor plugin <= 2.1.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Plugin Devs News Ticker for Elementor news-ticker-for-elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects News Ticker for Elementor: from n/a through = 2.1.3...

4.3CVSS0.00429EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/13 2:24 p.m.6 views

CVE-2024-54278 WordPress News Ticker for Elementor plugin <= 2.1.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Plugin Devs News Ticker for Elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects News Ticker for Elementor: from n/a through 2.1.3...

4.3CVSS7AI score0.00429EPSS
Exploits0References1
CVE
CVE
added 2024/12/13 2:23 p.m.48 views

CVE-2023-36681

The CVE-2023-36681 entry concerns the WordPress plugin Cryptocurrency Widgets – Price Ticker & Coins List (versions

9.8CVSS8.6AI score0.00914EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/12/11 4:4 p.m.6 views

WordPress News Ticker for Elementor plugin <= 2.1.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Marek Mikita Patchstack Alliance in WordPress Plugin News Ticker for Elementor versions = 2.1.3...

4.3CVSS7AI score0.00429EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/12/09 1:15 p.m.6 views

CVE-2023-27626

Missing Authorization vulnerability in Aleksandar Urošević Stock Ticker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stock Ticker: from n/a through 3.23.0...

5.3CVSS0.00391EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/09 11:31 a.m.8 views

CVE-2023-27626 WordPress Stock Ticker plugin <= 3.23.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Aleksandar Urošević Stock Ticker stock-ticker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stock Ticker: from n/a through = 3.23.0...

5.3CVSS5.8AI score0.00391EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/09 11:31 a.m.19 views

CVE-2023-27626 WordPress Stock Ticker plugin <= 3.23.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Aleksandar Urošević Stock Ticker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stock Ticker: from n/a through 3.23.0...

5.3CVSS0.00391EPSS
Exploits0References1
CVE
CVE
added 2024/12/09 11:31 a.m.38 views

CVE-2023-27626

The CVE concerns WordPress Stock Ticker plugin versions

5.3CVSS5.1AI score0.00391EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.2 views

WordPress plugin Stock Ticker 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.8AI score0.00391EPSS
Exploits0References1
NVD
NVD
added 2024/11/19 5:15 p.m.8 views

CVE-2024-51830

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fazilatunnesa News Ticker newsticker allows Stored XSS.This issue affects News Ticker: from n/a through = 1.0...

6.5CVSS0.00374EPSS
Exploits0References1
CVE
CVE
added 2024/11/19 4:31 p.m.43 views

CVE-2024-51830

CVE-2024-51830 is a stored XSS vulnerability in Fazilatunnesa News Ticker (WordPress News Ticker plugin). Exploitation requires an authenticated user (Contributor+); input is not properly neutralized during web page generation, enabling stored cross-site scripting. Affected versions are News Tick...

6.5CVSS7.2AI score0.00374EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/19 12:0 a.m.4 views

WordPress plugin News Ticker 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS7.7AI score0.00374EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/11/08 1:9 p.m.8 views

WordPress News Ticker plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin News Ticker versions = 1.0...

6.5CVSS6.1AI score0.00374EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/11/08 12:0 a.m.14 views

WordPress News Ticker Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software News Ticker Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51830 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 31c1d84151aa Credits SOPROBRO Required privilege Contributor...

6.5CVSS6.6AI score0.00374EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder