Lucene search
K

6 matches found

Nuclei
Nuclei
added yesterday100 views

WordPress Woody Ad Snippets <2.2.5 - Cross-Site Scripting/Remote Code Execution

WordPress Woody Ad Snippets prior to 2.2.5 is susceptible to cross-site scripting and remote code execution via admin/includes/class.import.snippet.php, which allows unauthenticated options import as demonstrated by storing a cross-site scripting payload for remote code execution. id:...

8.8CVSS7.4AI score0.20813EPSS
Exploits2References5
RedhatCVE
RedhatCVE
added 2025/05/22 6:35 a.m.17 views

CVE-2019-15858

admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code execution...

8.8CVSS6.9AI score0.20813EPSS
Exploits2References1
GithubExploit
GithubExploit
added 2019/09/12 9:52 p.m.133 views

Exploit for Missing Authentication for Critical Function in Webcraftic Woody_Ad_Snippets

CVE-2019-15858 Unauthenticated Remote Code Execution at Wood...

8.8CVSS8.6AI score0.20813EPSS
Exploits2
OSV
OSV
added 2019/09/03 7:15 a.m.3 views

CVE-2019-15858

admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code execution...

8.8CVSS6AI score0.20813EPSS
Exploits2References2
CVE
CVE
added 2019/09/03 6:14 a.m.92 views

CVE-2019-15858

CVE-2019-15858 concerns the WordPress plugin Woody Ad Snippets (before 2.2.5). The vulnerability arises in admin/includes/class.import.snippet.php, where an unauthenticated options import function can be abused to store a payload, enabling cross‑site scripting and, in turn, remote code execution....

8.8CVSS8.7AI score0.20813EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2019/09/03 6:14 a.m.32 views

CVE-2019-15858

admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code execution...

8.9AI score0.20813EPSS
Exploits2References2
Rows per page
Query Builder