CVE-2022-45365

WordPress Stock Ticker Plugin <= 3.23.2 is vulnerable to Cross Site Scripting (XSS)

CVSS 7.1 HIGHEPSS 43.4%CWE-79

Vexday Risk Score

48Atención

Decisión SSVC (CISA)

Attend

PoC disponible → seguir de cerca

CVSS 7.1EPSS 43.4%KEV nãoPoC —Nuclei simMetasploit —Patch —

Ciclo de vida

14 dic 2023Publicada en NVD

Recomendación: Planificar corrección próxima — ya existe PoC pública.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aleksandar Urošević Stock Ticker allows Reflected XSS.This issue affects Stock Ticker: from n/a through 3.23.2.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Productos afectados

Aleksandar Urošević · Stock Ticker

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://patchstack.com/database/vulnerability/stock-ticker/wordpress-stock-ticker-plugin-3-23-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve