Ditty — Vulnerabilities & Security Advisories 10

All 10 CVE vulnerabilities found in Ditty, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Paused
CVE-2025-60105	WordPress Ditty Plugin <= 3.1.58 - Cross Site Scripting (XSS) Vulnerability CWE-79	6.5	Medium	2025-09-26
CVE-2025-8085	Ditty < 3.1.58 - Unauthenticated SSRF	5.3^AI	Medium^AI	2025-09-08
CVE-2024-13357	Ditty – Responsive News Tickers, Sliders, and Lists < 3.1.52 - Author+ Stored XSS	4.8^AI	Medium^AI	2025-05-15
CVE-2023-47764	WordPress Ditty plugin <= 3.1.24 - Broken Access Control vulnerability CWE-862	9.1	-	2024-12-09
CVE-2024-9600	Ditty < 3.1.47 - Author+ Stored XSS	4.8	-	2024-11-21
CVE-2024-6715	Ditty 3.1.39-3.1.45 - Author+ Stored XSS	8.1^AI	High^AI	2024-08-23
CVE-2024-6710	Ditty < 3.1.45 - Author+ Stored XSS	5.4^AI	Medium^AI	2024-08-05
CVE-2024-32569	WordPress Ditty plugin <= 3.1.31 - Cross Site Scripting (XSS) vulnerability CWE-79	6.5	Medium	2024-04-18
CVE-2023-4148	Ditty < 3.1.25 - Reflected XSS	6.1	-	2023-09-25
CVE-2023-23874	WordPress Ditty Plugin <= 3.0.32 is vulnerable to Cross Site Scripting (XSS) CWE-79	6.5	Medium	2023-05-03

All 10 known CVE vulnerabilities affecting Ditty with full Chinese analysis, references, and POCs where available.