Lucene search
+L

5 matches found

NVD
NVD
added 2026/07/03 9:16 a.m.9 views

CVE-2026-11900

The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 2.8.16 via the 'data' attribute of the adinserter shortcode. This is due to the replaceaitags function processing a reusable-block-N tag pattern that...

4.3CVSS0.00273EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/07/03 7:53 a.m.37 views

CVE-2026-11900 Ad Inserter <= 2.8.16 - Insecure Direct Object Reference to Authenticated (Contributor+) Arbitrary Post Content Disclosure via 'data' Shortcode Attribute

The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 2.8.16 via the 'data' attribute of the adinserter shortcode. This is due to the replaceaitags function processing a reusable-block-N tag pattern that...

4.3CVSS0.00273EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/07/03 7:53 a.m.5 views

CVE-2026-11900

The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 2.8.16 via the 'data' attribute of the adinserter shortcode. This is due to the replaceaitags function processing a reusable-block-N tag pattern that...

4.3CVSS6AI score0.00273EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2023/05/24 12:0 a.m.10 views

PT-2023-19854 · WordPress · The Go Pricing - Wordpress Responsive Pricing Tables

Name of the Vulnerable Software and Affected Versions: The Go Pricing - WordPress Responsive Pricing Tables plugin versions up to, and including, 3.3.19 Description: The issue allows authenticated attackers with subscriber-level permissions and above to inject a PHP Object via deserialization of...

8.8CVSS8.9AI score0.00884EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/02/07 12:0 a.m.3 views

Wordpress Plugin SupportCandy 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. cross-site scripting vulnerability exists in Wordpress Plugin SupportCandy, which stems from the product's failure to effectively hand...

5.4CVSS5.4AI score0.00604EPSS
Exploits2References2
Rows per page
Query Builder