Description
WordPress Plugin Stock Ticker is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently purge stock cache. WordPress Plugin Stock Ticker version 3.23.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.23.1 or latest
References
Related Vulnerabilities
Plone CMS Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-28734)
Oracle Database Server CVE-2016-5555 Vulnerability (CVE-2016-5555)
WordPress Plugin Yoast SEO Cross-Site Scripting (3.4.0)
WordPress Plugin Snazzy Maps Cross-Site Request Forgery (1.1.5)
Apache HTTP Server CVE-2019-0190 Vulnerability (CVE-2019-0190)