WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress WP Simple Adsense Insertion plugin prior to version 2.1 is vulnerable to cross-site request forgery, which stems from the plugin’s failure to perform CSRF checks. An attacker could use this vulnerability to trick logged-in users into manipulating ads and injecting arbitrary JavaScript via a submission form.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress wp simple adsense insertion plugin | lt | 2.1 |