Vulnerabilities in metaphorcreations

9 results

CVE-2024-3954HIGHDitty – Responsive News Tickers, Sliders, and Lists <= 3.1.38 - Authenticated (Contributor+) PHP Object InjectionEPSS 0.7%CVE-2026-9011HIGHDitty <= 3.1.65 - Missing Authorization to Unauthenticated Sensitive Information Disclosure via ditty_init AJAX ActionEPSS 0.4%CVE-2026-39474HIGHWordPress Post Duplicator plugin <= 3.0.10 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2023-47764MEDIUMWordPress Ditty plugin <= 3.1.24 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-23816MEDIUMWordPress Metaphor Widgets plugin <= 2.4 - Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2025-24736MEDIUMWordPress Post Duplicator plugin <= 2.35 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-12472MEDIUMPost Duplicator <= 2.36 - Authenticated (Contributor+) Protected Post DisclosureEPSS 0.3%CVE-2026-2301MEDIUMPost Duplicator <= 3.0.8 - Missing Authorization to Authenticated (Contributor+) Protected Post Meta Insertion via 'customMetaData' ParameterEPSS 0.2%CVE-2025-60105MEDIUMWordPress Ditty Plugin <= 3.1.58 - Cross Site Scripting (XSS) VulnerabilityEPSS 0.2%