Lucene search
K

242 matches found

CNNVD
CNNVD
added 2024/11/15 12:0 a.m.4 views

WordPress plugin WP AdCenter – Ad Manager & Adsense Ads 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.4CVSS7.7AI score0.00362EPSS
Exploits0References2
OSV
OSV
added 2024/11/01 3:15 p.m.2 views

CVE-2024-47317

Missing Authorization vulnerability in WP Quads Ads by WPQuads – Adsense Ads, Banner Ads, Popup Ads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ads by WPQuads – Adsense Ads, Banner Ads, Popup Ads: from n/a through 2.0.84...

8.8CVSS5.8AI score0.00375EPSS
Exploits0References1
NVD
NVD
added 2024/11/01 3:15 p.m.43 views

CVE-2024-47317

Missing Authorization vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded.This issue affects Ads by WPQuads: from n/a through = 2.0.84...

8.8CVSS0.00375EPSS
Exploits0References1
CVE
CVE
added 2024/11/01 2:17 p.m.60 views

CVE-2024-47317

The CVE-2024-47317 entry covers a Missing Authorization/Broken Access Control issue in the WordPress plugin Ads by WPQuads (WPQuads Ads) versions up to 2.0.84. The vulnerability is due to incorrectly configured access control, enabling unauthorized access for subscribers. Patch details in the con...

8.8CVSS5.9AI score0.00375EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/09/06 7:15 a.m.17 views

CVE-2024-8317

The WP AdCenter – Ad Manager & Adsense Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘adalignment’ attribute in all versions up to, and including, 2.5.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS0.00323EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/09/06 6:50 a.m.16 views

CVE-2024-8317 WP AdCenter – Ad Manager & Adsense Ads <= 2.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via ad_alignment Attribute

The WP AdCenter – Ad Manager & Adsense Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘adalignment’ attribute in all versions up to, and including, 2.5.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS0.00323EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/09/06 6:50 a.m.20 views

CVE-2024-8317 WP AdCenter – Ad Manager & Adsense Ads <= 2.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via ad_alignment Attribute

The WP AdCenter – Ad Manager & Adsense Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘adalignment’ attribute in all versions up to, and including, 2.5.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS5.8AI score0.00323EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/08/01 12:0 a.m.5 views

PT-2024-18246 · WordPress · Adfoxly

Name of the Vulnerable Software and Affected Versions: AdFoxly – Ad Manager, AdSense Ads & Ads.txt plugin for WordPress versions up to, and including, 1.8.5 Description: The issue allows unauthorized modification of data due to a missing capability check on the adfoxly ad status function. This...

7.3AI score
Exploits0References3
Patchstack
Patchstack
added 2024/07/11 1:47 p.m.4 views

WordPress AdsforWP plugin <= 1.9.28 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Google Adsense & Banner Ads by AdsforWP versions = 1.9.28...

4.3CVSS7AI score0.00191EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/11 12:0 a.m.14 views

WordPress Google Adsense & Banner Ads by AdsforWP Plugin <= 1.9.28 is vulnerable to Cross Site Request Forgery (CSRF)

Software Google Adsense & Banner Ads by AdsforWP Type Plugin Vulnerable versions = 1.9.28 Fixed in 1.9.29 OWASP Top 10 A4: Insecure Design Classification Cross Site Request Forgery CSRF CVE CVE-2024-38751 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c7cf2e020d8d Credits...

6.4AI score0.00191EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/06/15 9:15 a.m.48 views

CVE-2024-3105

The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.5.0 via the 'insertphp' shortcode. This is due to the plugin not restricting the usage of the functionality to high level authorized...

9.9CVSS0.02778EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/06/15 12:0 a.m.10 views

PT-2024-23740 · Unknown +1 · Adsense Ads +1

Name of the Vulnerable Software and Affected Versions: Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress versions up to, and including, 2.5.0 Description: The issue allows for Remote Code Execution via the insert php shortcode due to the lack of restrictions on its...

9.9CVSS8.3AI score0.02778EPSS
Exploits1References9
WPVulnDB
WPVulnDB
added 2024/06/14 12:0 a.m.13 views

Woody code snippets – Insert Header Footer Code, AdSense Ads < 2.5.1 -Authenticated (Contributor+) Remote Code Execution

Description The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.5.0 via the 'insertphp' shortcode. This is due to the plugin not restricting the usage of the functionality to high leve...

9.9CVSS7.6AI score0.02778EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2024/06/09 6:35 p.m.58 views

CVE-2024-34802

CVE-2024-34802 is a Missing Authorization vulnerability in the WordPress plugin “AdFoxly – Ad Manager, AdSense Ads & Ads.Txt” affecting versions up to 1.8.5. Connected sources corroborate the same description (Red Hat CVE entry RH:CVE-2024-34802; NVD entry CVE-2024-34802). The NVD entry reports a...

9.8CVSS7.2AI score0.00344EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/29 12:0 a.m.13 views

AdFoxly – Ad Manager, AdSense Ads & Ads.txt <= 1.8.5 - Missing Authorization

Description The AdFoxly – Ad Manager, AdSense Ads & Ads.txt plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.8.5. This makes it possible for unauthenticated attackers to perform an unauthorized action...

9.8CVSS6.6AI score0.00344EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/05/20 12:0 a.m.14 views

WordPress AdFoxly – Ad Manager, AdSense Ads & Ads.txt Plugin <= 1.8.5 is vulnerable to Broken Access Control

Software AdFoxly – Ad Manager, AdSense Ads & Ads.txt Type Plugin Vulnerable versions = 1.8.5 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-34802 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID ce75fd580f25 Credits...

9.8CVSS6.5AI score0.00344EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/05/08 12:0 a.m.7 views

WordPress Advanced Ads – Ad Manager & AdSense Plugin <= 1.52.1 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Ads – Ad Manager & AdSense Type Plugin Vulnerable versions = 1.52.1 Fixed in 1.52.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3952 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e7fb57cc8591 Credits...

6.4CVSS5.8AI score0.00436EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/05/08 12:0 a.m.13 views

WordPress Advanced Ads – Ad Manager & AdSense Plugin <= 1.52.1 is vulnerable to PHP Object Injection

Software Advanced Ads – Ad Manager & AdSense Type Plugin Vulnerable versions = 1.52.1 Fixed in 1.52.2 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-2290 Patch priority Low CVSS severity Low 6.6 Developer Claim ownership PSID 1580e82fdb8d Credits ST Required privilege...

7.2CVSS6.8AI score0.0094EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/03/29 12:0 a.m.8 views

WordPress AdsPlace'r – Ad Manager, Inserter, AdSense Ads Plugin <= 1.1.5 is vulnerable to Cross Site Scripting (XSS)

Software AdsPlace'r – Ad Manager, Inserter, AdSense Ads Type Plugin Vulnerable versions = 1.1.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31088 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID f29b9c4efc4a Credits Dim...

6.6AI score0.00182EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/12/18 5:15 p.m.7 views

CVE-2023-46617

Cross-Site Request Forgery CSRF vulnerability in AdFoxly AdFoxly – Ad Manager, AdSense Ads & Ads.Txt.This issue affects AdFoxly – Ad Manager, AdSense Ads & Ads.Txt: from n/a through 1.8.5...

8.8CVSS7.3AI score0.00264EPSS
Exploits0References1
Rows per page
Query Builder