Ditty – Responsive News Tickers, Sliders, and Lists

Vulnerabilities 14Slug ditty-news-tickerLatest version 3.1.64WordPress.org →

Minimum safe version

3.1.59

Update to 3.1.59 or later to address 14 fixable vulnerabilities

Latest available3.1.64 ✓

N/A

2025-09-08< 3.1.58

Ditty <= 3.1.57 - Unauthenticated Server-Side Request Forgery

EUVD Wordfence CVE

Medium 6.5

2025-09-26< 3.1.59

Ditty <= 3.1.58 - Authenticated (Contributor+) Stored Cross-Site Scripting

Wordfence EUVD CVE

Medium 4.8

2025-05-15< 3.1.52

CVE-2024-13357

CVE EUVD Patchstack Wordfence

Medium 4.8

2024-11-21< 3.1.47

CVE-2024-9600

CVE Patchstack Wordfence

Medium 6.1

2024-08-23< 3.1.46

CVE-2024-6715

CVE Wordfence

Medium 5.4

2024-08-05< 3.1.45

CVE-2024-6710

CVE Patchstack Wordfence

Medium 4.7

2024-07-15< 3.1.43

WordPress Ditty Plugin < 3.1.43 is vulnerable to Cross Site Scripting (XSS)

Patchstack CVE Wordfence

Medium 5.4

2024-05-27< 3.1.36

CVE-2024-3939

CVE Patchstack Wordfence

High 8.8

2024-05-09< 3.1.39

CVE-2024-3954

CVE Patchstack Wordfence

Medium 6.5

2024-04-18< 3.1.32

CVE-2024-32569

CVE Patchstack Wordfence

Medium 6.5

2024-12-09< 3.1.25

CVE-2023-47764

CVE Patchstack Wordfence WPScan

Medium 6.1

2023-09-26< 3.1.25

WordPress Ditty Plugin < 3.1.25 is vulnerable to Cross Site Scripting (XSS)

Patchstack CVE Wordfence WPScan

Medium 6.5

2023-05-03< 3.0.33

CVE-2023-23874

CVE Patchstack Wordfence WPScan

Medium 6.1

2022-03-07< 3.0.15

CVE-2022-0533

CVE Wordfence WPScan