Stock Ticker < 3.23.3 - Reflected XSS

2023-09-1300:00:00

wpscan.com

plugin

xss

vulnerability

parameters

admin

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

27.9%

JSON

Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin

CPENameOperatorVersion
eq3.23.3

CPE	Name	Operator	Version
		eq	3.23.3