Lucene search
K

5 matches found

Nuclei
Nuclei
added yesterday40 views

WordPress Ad Inserter <2.7.10 - Cross-Site Scripting

WordPress Ad Inserter plugin before 2.7.10 contains a cross-site scripting vulnerability. It does not sanitize and escape the htmlelementselection parameter before outputting it back in the page. id: CVE-2022-0288 info: name: WordPress Ad Inserter 2.7.10 - Cross-Site Scripting author: DhiyaneshDK...

6.1CVSS6.3AI score0.02389EPSS
Exploits2References4
Circl
Circl
added 2025/02/19 9:2 p.m.9 views

CVE-2022-0288

creationtimestamp| type| source ---|---|--- 2025-02-19 21:02:34+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3likodqig732b...

6.1CVSS6.8AI score0.02389EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2022/02/21 11:15 a.m.6 views

CVE-2022-0288

The Ad Inserter WordPress plugin before 2.7.10, Ad Inserter Pro WordPress plugin before 2.7.10 do not sanitise and escape the htmlelementselection parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.3AI score0.02389EPSS
Exploits2References3
Cvelist
Cvelist
added 2022/02/21 10:46 a.m.19 views

CVE-2022-0288 Ad Inserter < 2.7.10 - Reflected Cross-Site Scripting

The Ad Inserter WordPress plugin before 2.7.10, Ad Inserter Pro WordPress plugin before 2.7.10 do not sanitise and escape the htmlelementselection parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...

6.2AI score0.02389EPSS
Exploits2References1
CVE
CVE
added 2022/02/21 10:46 a.m.140 views

CVE-2022-0288

CVE-2022-0288 affects WordPress Ad Inserter and Ad Inserter Pro plugins prior to 2.7.10. The vulnerability arises from failing to sanitize/escape the html_element_selection parameter before echoing it in pages, causing Reflected XSS. Impact: client-side script execution in the victim’s browser. R...

6.1CVSS6AI score0.02389EPSS
Exploits2References1Affected Software2
Rows per page
Query Builder