RSS   Vulnerabilities for 'Ad inserter'   RSS

2022-04-04
 
CVE-2022-0901

CWE-79
 

 
The Ad Inserter Free and Pro WordPress plugins before 2.7.12 do not sanitise and escape the REQUEST_URI before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters

 
2022-02-21
 
CVE-2022-0288

CWE-79
 

 
The Ad Inserter WordPress plugin before 2.7.10, Ad Inserter Pro WordPress plugin before 2.7.10 do not sanitise and escape the html_element_selection parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting

 
2019-08-22
 
CVE-2019-15323

CWE-22
 

 
The ad-inserter plugin before 2.4.20 for WordPress has path traversal.

 


Copyright 2022, cxsecurity.com

 

Back to Top