RSS   Vulnerabilities for 'Woody ad snippets'   RSS

2019-09-13
 
CVE-2019-16289

CWE-79
 

 
The insert-php (aka Woody ad snippets) plugin before 2.2.8 for WordPress allows authenticated XSS via the winp_item parameter.

 
2019-09-03
 
CVE-2019-15858

CWE-20
 

 
admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code execution.

 
2019-08-08
 
CVE-2019-14773

CWE-254
 

 
admin/includes/class.actions.snippet.php in the "Woody ad snippets" plugin through 2.2.5 for WordPress allows wp-admin/admin-post.php?action=close&post= deletion.

 

 >>> Vendor: Webcraftic 3 Products
Woody ad snippets
Simple 301 redirects-addon-bulk uploader
Simple 301 redirects


Copyright 2024, cxsecurity.com

 

Back to Top