Vulnerabilities > Urosevic

DATE CVE VULNERABILITY TITLE RISK
2024-06-29 CVE-2024-6363 Cross-site Scripting vulnerability in Urosevic Stock Ticker
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stock_ticker shortcode in all versions up to, and including, 3.24.4 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
urosevic CWE-79
5.4
2023-12-29 CVE-2023-51541 Cross-site Scripting vulnerability in Urosevic Stock Ticker
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aleksandar Uroševic Stock Ticker allows Stored XSS.This issue affects Stock Ticker: from n/a through 3.23.4.
network
low complexity
urosevic CWE-79
5.4
2023-12-14 CVE-2022-45365 Unspecified vulnerability in Urosevic Stock Ticker
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aleksandar Uroševic Stock Ticker allows Reflected XSS.This issue affects Stock Ticker: from n/a through 3.23.2.
network
low complexity
urosevic
6.1
2023-11-22 CVE-2023-25987 Unspecified vulnerability in Urosevic MY Youtube Channel
Cross-Site Request Forgery (CSRF) vulnerability in Aleksandar Uroševic My YouTube Channel plugin <= 3.23.3 versions.
network
low complexity
urosevic
8.8
2023-09-04 CVE-2023-40208 Unspecified vulnerability in Urosevic Stock Ticker
Unauth.
network
low complexity
urosevic
6.1