WordPress Stock Ticker plugin <= 3.24.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via stock_ticker Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via stockticker Shortcode vulnerability discovered by Dale Mavers in WordPress Plugin Stock Ticker versions = 3.24.4...

WordPress Stock Ticker Plugin <= 3.24.4 is vulnerable to Cross Site Scripting (XSS)

Software Stock Ticker Type Plugin Vulnerable versions = 3.24.4 Fixed in 3.24.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6363 Patch priority Low CVSS severity Low 6.5 Developer Aleksandar Urošević PSID b2196f70b406 Credits Dale Mavers Required...

WordPress Stock Ticker Plugin <= 3.23.3 is vulnerable to Cross Site Scripting (XSS)

Software Stock Ticker Type Plugin Vulnerable versions = 3.23.3 Fixed in 3.23.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-40208 Patch priority Medium CVSS severity Medium 7.1 Developer Aleksandar Urošević PSID 4548610be084 Credits Aman Rawat...

WordPress Stock Ticker Plugin <= 3.23.2 is vulnerable to Cross Site Scripting (XSS)

Software Stock Ticker Type Plugin Vulnerable versions = 3.23.2 Fixed in 3.23.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-45365 Patch priority Medium CVSS severity Medium 7.1 Developer Aleksandar Urošević PSID b2f877d49771 Credits Aman Rawat...

WordPress Stock Ticker Plugin <= 3.23.0 is vulnerable to Broken Access Control

Software Stock Ticker Type Plugin Vulnerable versions = 3.23.0 Fixed in 3.23.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-27626 Patch priority Low CVSS severity Low 5.3 Developer Aleksandar Urošević PSID d29a0ed66689 Credits Mika Required privilege...