8 matches found
CVE-2023-49169
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in datafeedr.Com Ads by datafeedr.Com allows Stored XSS.This issue affects Ads by datafeedr.Com: from n/a through 1.2.0...
WordPress Plugin Ads by datafeedr.com Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
PT-2023-31086 · Unknown · Ads By Datafeedr.Com
Name of the Vulnerable Software and Affected Versions: Ads by datafeedr.Com versions 1.2.0 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows stored cross-site scripting XSS. This means that an attacker can inject malicious...
CVE-2023-5843
The Ads by datafeedr.com plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 1.1.3 via the 'dfadsajaxloadads' function. This allows unauthenticated attackers to execute code on the server. The parameters of the callable function are limited, they cannot b...
Remote code execution
The Ads by datafeedr.com plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 1.1.3 via the 'dfadsajaxloadads' function. This allows unauthenticated attackers to execute code on the server. The parameters of the callable function are limited, they cannot b...
CVE-2023-5843 Ads by datafeedr.com <= 1.1.3 - Unauthenticated (Limited) Remote Code Execution
The Ads by datafeedr.com plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 1.1.3 via the 'dfadsajaxloadads' function. This allows unauthenticated attackers to execute code on the server. The parameters of the callable function are limited, they cannot b...
CVE-2023-5843 Ads by datafeedr.com <= 1.1.3 - Unauthenticated (Limited) Remote Code Execution
The Ads by datafeedr.com plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 1.1.3 via the 'dfadsajaxloadads' function. This allows unauthenticated attackers to execute code on the server. The parameters of the callable function are limited, they cannot b...
PT-2023-32374 · WordPress · Ads By Datafeedr.Com
Name of the Vulnerable Software and Affected Versions: Ads by datafeedr.com plugin for WordPress versions up to, and including, 1.1.3 Description: The issue allows unauthenticated attackers to execute code on the server via the dfads ajax load ads function. This function has limited parameters th...