VYPR

Stock Ticker

by Urosevic

Source repositories

CVEs (4)

  • CVE-2022-45365HigDec 14, 2023
    risk 0.50cvss 7.1epss 0.49

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aleksandar Urošević Stock Ticker allows Reflected XSS.This issue affects Stock Ticker: from n/a through 3.23.2.

  • CVE-2024-6363MedJun 29, 2024
    risk 0.42cvss 6.4epss 0.00

    The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stock_ticker shortcode in all versions up to, and including, 3.24.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible…

  • CVE-2023-51541MedDec 29, 2023
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aleksandar Urošević Stock Ticker allows Stored XSS.This issue affects Stock Ticker: from n/a through 3.23.4.

  • CVE-2026-2722MedMar 7, 2026
    risk 0.24cvss 4.8epss 0.00

    The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.26.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with…