RSS   Vulnerabilities for 'Ad invalid click protector'   RSS

2022-05-02
 
CVE-2022-0191

CWE-352
 

 
The Ad Invalid Click Protector (AICP) WordPress plugin before 1.2.7 does not have CSRF check deleting banned users, which could allow attackers to make a logged in admin remove arbitrary bans

 
2022-02-14
 
CVE-2022-0190

CWE-89
 

 
The Ad Invalid Click Protector (AICP) WordPress plugin before 1.2.6 is affected by a SQL Injection in the id parameter of the delete action.

 


Copyright 2022, cxsecurity.com

 

Back to Top