CVE-2022-1695

The WP Simple Adsense Insertion WordPress plugin before 2.1 does not perform CSRF checks on updates to its admin page, allowing an attacker to trick a logged in user to manipulate ads and inject arbitrary javascript via submitting a form...

CVE-2022-1695

The WP Simple Adsense Insertion WordPress plugin before 2.1 does not perform CSRF checks on updates to its admin page, allowing an attacker to trick a logged in user to manipulate ads and inject arbitrary javascript via submitting a form...

WordPress plugin WP Simple Adsense Insertion 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress WP Simple Adsense Insertion plugin prior to version 2.1 is vulnerable to cross-site request...

CVE-2022-1695

CVE-2022-1695 affects the WordPress plugin WP Simple Adsense Insertion (before 2.1). The root cause is the absence of CSRF checks on updates to the plugin’s admin page, enabling an attacker to trick a logged-in user into submitting a form that can manipulate ads and inject arbitrary JavaScript. P...

WP Simple Adsense Insertion < 2.1 - Inject ads and javascript via CSRF

The plugin does not perform CSRF checks on updates to its admin page, allowing an attacker to trick a logged in user to manipulate ads and inject arbitrary javascript via submitting a form. PoC...