Vulnerabilities > Metaphorcreations

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-25	CVE-2023-4148	Cross-site Scripting vulnerability in Metaphorcreations Ditty The Ditty WordPress plugin before 3.1.25 does not sanitise and escape some parameters and generated URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. network low complexity metaphorcreations CWE-79	6.1
2023-05-03	CVE-2023-23874	Cross-site Scripting vulnerability in Metaphorcreations Ditty Auth. network low complexity metaphorcreations CWE-79	5.4
2023-02-20	CVE-2016-15027	Cross-site Scripting vulnerability in Metaphorcreations Post Duplicator 2.18 A vulnerability was found in meta4creations Post Duplicator Plugin 2.18 on WordPress. network low complexity metaphorcreations CWE-79	6.1
2022-03-10	CVE-2021-33852	Cross-site Scripting vulnerability in Metaphorcreations Post Duplicator 2.23 A cross-site scripting (XSS) attack can cause arbitrary code (JavaScript) to run in a user's browser and can use an application as the vehicle for the attack. network metaphorcreations CWE-79	3.5
2022-03-07	CVE-2022-0533	Cross-site Scripting vulnerability in Metaphorcreations Ditty The Ditty (formerly Ditty News Ticker) WordPress plugin before 3.0.15 is affected by a Reflected Cross-Site Scripting (XSS) vulnerability. network metaphorcreations CWE-79	4.3

Vulnerabilities > Metaphorcreations {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Metaphorcreations"}]}