Vulnerabilities > Stockdio > Stockdio Historical Chart > 2.8.7

DATE CVE VULNERABILITY TITLE RISK
2025-01-30 CVE-2024-13349 Cross-site Scripting vulnerability in Stockdio Historical Chart
The Stockdio Historical Chart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'stockdio-historical-chart' shortcode in all versions up to, and including, 2.8.18 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
stockdio CWE-79
5.4
5.4