Description
WordPress Plugin Stock Ticker is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently purge stock cache. WordPress Plugin Stock Ticker version 3.23.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.23.1 or latest
References
Related Vulnerabilities
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.17)
WordPress Plugin Client Dash Cross-Site Scripting (2.1.4)
PostgreSQL CVE-2021-3677 Vulnerability (CVE-2021-3677)
phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2016-9862)
WordPress Plugin Sell Downloads Arbitrary File Disclosure (1.0.1)