The Ad Inserter WordPress plugin prior to 2.7.10, Ad Inserter Pro WordPress plugin prior to 2.7.10 do not sanitise and escape the html_element_selection parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ad inserter pro project ad inserter pro |
||
ad inserter project ad inserter |