All 2 CVE vulnerabilities found in Ditty – Responsive News Tickers, Sliders, and Lists, with AI-generated Chinese analysis, references, and POCs.
Vendor: metaphorcreations
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-9011 | Ditty <= 3.1.65 - Missing Authorization to Unauthenticated Sensitive Information Disclosure via ditty_init AJAX Action CWE-862 | 7.5 | High | 2026-05-22 |
| CVE-2024-3954 | Ditty – Responsive News Tickers, Sliders, and Lists <= 3.1.38 - Authenticated (Contributor+) PHP Object Injection CWE-502 | 8.8 | High | 2024-05-09 |
All 2 known CVE vulnerabilities affecting Ditty – Responsive News Tickers, Sliders, and Lists with full Chinese analysis, references, and POCs where available.