Product
plot plotly
5 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-21485
CVE-2023-46308
CVE-2015-5484
CVE-2015-9347
CVE-2017-1000006
< 2.13.0
Versions of the package dash-core-components before 2.13.0; versions of the package dash-core-components before 2.0.0; versions of
< 2.25.2
In Plotly plotly.js before 2.25.2, plot API calls have a risk of __proto__ being polluted in expandObjectPaths or nestedProperty.
< 1.0.3
Cross-site scripting (XSS) vulnerability in the Plotly plugin before 1.0.3 for WordPress allows remote authenticated users to inje
< 1.0.3
The wp-plotly plugin before 1.0.3 for WordPress has XSS by authors.
all versions
Plotly, Inc. plotly.js versions prior to 1.16.0 are vulnerable to an XSS issue.