Filtered by vendor Metaphorcreations
Subscriptions
Filtered by product Ditty
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-4148 | 1 Metaphorcreations | 1 Ditty | 2023-11-07 | 6.1 Medium |
The Ditty WordPress plugin before 3.1.25 does not sanitise and escape some parameters and generated URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. | ||||
CVE-2023-23874 | 1 Metaphorcreations | 1 Ditty | 2023-05-06 | 5.4 Medium |
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Metaphor Creations Ditty plugin <= 3.0.32 versions. | ||||
CVE-2022-0533 | 1 Metaphorcreations | 1 Ditty | 2022-03-11 | 6.1 Medium |
The Ditty (formerly Ditty News Ticker) WordPress plugin before 3.0.15 is affected by a Reflected Cross-Site Scripting (XSS) vulnerability. |
Page 1 of 1.