WhyDoWork AdSense plugin is prone to a cross-site scripting vulnerability and a cross-site request-forgery vulnerability. These vulnerabilities allow an attacker to execute arbitrary script code in the browser, also, steal cookie-based authentication credentials.
Update the plugin.
CPE | Name | Operator | Version |
---|---|---|---|
whydowork adsense | le | 1.2 |