Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ad inserter project ad inserter vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-0288
The Ad Inserter WordPress plugin prior to 2.7.10, Ad Inserter Pro WordPress plugin prior to 2.7.10 do not sanitise and escape the html_element_selection parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting
Ad Inserter Project Ad Inserter
Ad Inserter Pro Project Ad Inserter Pro
6.1
CVSSv3
CVE-2022-0901
The Ad Inserter Free and Pro WordPress plugins prior to 2.7.12 do not sanitise and escape the REQUEST_URI before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters
Ad Inserter Project Ad Inserter
7.5
CVSSv3
CVE-2019-15323
The ad-inserter plugin prior to 2.4.20 for WordPress has path traversal.
Ad Inserter Project Ad Inserter
8.8
CVSSv3
CVE-2019-15324
The ad-inserter plugin prior to 2.4.22 for WordPress has remote code execution.
Ad Inserter Project Ad Inserter
7.2
CVSSv3
CVE-2023-1549
The Ad Inserter WordPress plugin prior to 2.7.27 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present
Ad Inserter Project Ad Inserter
8.8
CVSSv3
CVE-2015-9497
The ad-inserter plugin prior to 1.5.3 for WordPress has CSRF with resultant XSS via wp-admin/options-general.php?page=ad-inserter.php.
Ad Inserter Project Ad Inserter
7.5
CVSSv3
CVE-2023-4668
The Ad Inserter for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.30 via the ai-debug-processing-fe URL parameter. This can allow unauthenticated malicious users to extract sensitive data including installed plugins (present and a...
Ad Inserter Project Ad Inserter
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started