Quick Adsense < 2.8.2 - Subscriber+ Post Stats Reset

The plugin does not have authorisation and CSRF checks in some of its AJAX actions allowing any authenticated users, such as subscribers to call them and reset Posts stats for example PoC fetch"/wp-admin/admin-ajax.php", "headers": "accept": "/", "accept-language": "en-US,en;q=0.9", "content-type...

WordPress Quick Adsense plugin <= 2.8.1 - Post Stats Reset vulnerability

Post Stats Reset vulnerability discovered by Jan w Oleju in WordPress Quick Adsense plugin versions = 2.8.1. Solution Update the WordPress Quick Adsense plugin to the latest available version at least 2.8.2...