Lucene search
Dylan IrziPATCHSTACK:9BFADECADB95EE62C2E1785EBDF9984CHistoryJul 28, 2014 - 12:00 a.m.
WordPress WhyDoWork AdSense Plugin - Multiple Vulnerabilities
2014-07-2800:00:00
Dylan Irzi
patchstack.com
5
0.002 Low
EPSS
Percentile
53.0%
WhyDoWork AdSense plugin is prone to a cross-site scripting vulnerability and a cross-site request-forgery vulnerability. These vulnerabilities allow an attacker to execute arbitrary script code in the browser, also, steal cookie-based authentication credentials.
Solution
Update the plugin.
| CPE | Name | Operator | Version |
|---|---|---|---|
| whydowork adsense | le | 1.2 |
References
Related
cve
cve
CVE-2014-9099
2022-10-03 16:20:40
prion
prion
Cross site request forgery (csrf)
2014-11-26 15:59:00
nvd
nvd
CVE-2014-9099
2014-11-26 15:59:15
patchstack
patchstack
WordPress WhyDoWork AdSense Plugin <= 1.2 - CSRF
2014-11-26 00:00:00
cvelist
cvelist
CVE-2014-9099
2022-10-03 16:20:40
wpvulndb
wpvulndb
WhyDoWork AdSense 1.2 - XSS & CSRF
2014-12-29 23:23:56