Urosevic

urosevic

5 CVEs • 2 products

Products (2)

Click to collapse

Toggle

My Youtube Channel

my_youtube_channel

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-6363 1Urosevic 1Stock Ticker Jun 17, 2026 Jun 29, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stock_ticker shortcode in all versions up to, and including, 3.24.4 due to insufficient input sanitization and output es...Show more The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stock_ticker shortcode in all versions up to, and including, 3.24.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.Show less
CVE-2023-51541 1Urosevic 1Stock Ticker Jun 17, 2026 Dec 29, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aleksandar Urošević Stock Ticker allows Stored XSS.This issue affects Stock Ticker: from n/a through 3.23.4.
CVE-2022-45365 1Urosevic 1Stock Ticker Jun 17, 2026 Dec 14, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aleksandar Urošević Stock Ticker allows Reflected XSS.This issue affects Stock Ticker: from n/a through 3.23.2.
CVE-2023-25987 1Urosevic 1My Youtube Channel Jun 17, 2026 Nov 22, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Aleksandar Urošević My YouTube Channel plugin <= 3.23.3 versions.
CVE-2023-40208 1Urosevic 1Stock Ticker Jun 17, 2026 Sep 4, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Aleksandar Urošević Stock Ticker plugin <= 3.23.3 versions.