Browse all 4 CVE security advisories affecting CurrencyRate.today. AI-powered Chinese analysis, POCs, and references for each vulnerability.
CurrencyRate.today provides real-time currency exchange rate data through its API and web platform. Historically, the service has been affected by multiple cross-site scripting (XSS) vulnerabilities and remote code execution (RCE) flaws, often stemming from improper input validation and insecure API endpoints. The platform has demonstrated inconsistent security practices, with at least four CVEs recorded, including issues allowing unauthorized access and data manipulation. While no major public security incidents have been widely reported, the recurring nature of these vulnerabilities suggests potential weaknesses in their development lifecycle and security testing procedures.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-29814 | WordPress Exchange Rates Widget plugin <= 1.4.0 - Cross Site Scripting (XSS) vulnerability — Exchange Rates WidgetCWE-79 | 6.5 | Medium | 2024-03-27 |
This page lists every published CVE security advisory associated with CurrencyRate.today. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.