7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
This WordPress AdRotate pluginβs clicktracker.php βtrack paramβ parameter is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database.
Upgrade the plugin to 3.9.5.
CPE | Name | Operator | Version |
---|---|---|---|
adrotate banner manager | le | 3.9.4 |