Lucene search
K

8 matches found

Malwarebytes
Malwarebytes
added 2026/01/26 2:28 p.m.8 views

Get paid to scroll TikTok? The data trade behind Freecash ads

Loyal readers and other privacy-conscious people will be familiar with the expression, “If it’s too good to be true, it’s probably false.” Getting paid handsomely to scroll social media definitely falls into that category. It sounds like an easy side hustle, which usually means there’s a catch. I...

5.8AI score
Exploits0
Hacker One
Hacker One
added 2024/11/18 12:27 p.m.16 views

TikTok: IDOR on ads.tiktok.com Allows Unauthorized Product Addition

An Insecure Direct Object Reference IDOR vulnerability was discovered on the TikTok Ads API that allowed the addition of arbitrary products to a user's catalog without proper authorization...

7.1AI score
Exploits0
Hacker One
Hacker One
added 2024/01/07 12:16 a.m.8 views

TikTok: Stored-XSS-ads.tiktok.com

A stored cross-site scripting XSS vulnerability was found on a TikTok Ads endpoint, allowing MP4 video files or files with HTML or JS code to be executed in a user's browser...

5.5AI score
Exploits0
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.6 views

WordPress Add Tiktok Pixel for Tiktok ads (+Woocommerce) Plugin < 1.2.7 is vulnerable to Cross Site Scripting (XSS)

Software Add Tiktok Pixel for Tiktok ads +Woocommerce Type Plugin Vulnerable versions 1.2.7 Fixed in 1.2.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 92194b39a569 Credits Rafie...

6.9AI score0.00284EPSS
Exploits0References3Affected Software1
Hacker One
Hacker One
added 2022/08/29 8:28 a.m.49 views

TikTok: XSS at TikTok Ads Endpoint

Vulnerability description not provided...

7.1AI score
Exploits0
Hacker One
Hacker One
added 2022/05/19 10:32 a.m.27 views

TikTok: Internal Employee informations Disclosure via TikTok Athena api

A vulnerability was found where internal employee email address could be disclosed on a TikTok Ads endpoint API by adding an "employeeemail" value to the "metrics" field/array in the request body. We thank @heinthant for reporting this to our team...

1.7AI score
Exploits0
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.15 views

WordPress Add Tiktok Pixel for Tiktok ads (+Woocommerce) plugin <= 1.2.1 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Add Tiktok Pixel for Tiktok ads +Woocommerce plugin versions = 1.2.1. Solution Update the WordPress Add Tiktok Pixel for Tiktok ads +Woocommerce plugin to the latest available version at least 1.2.2...

2.7AI score
Exploits0References2Affected Software1
Hacker One
Hacker One
added 2020/09/17 8:36 p.m.154 views

TikTok: Cross-Tenant IDOR ( graphql `AddRulesToPixelEvents` query ) allowing to add, update, and delete rules of any Pixel events on the platform

Due to an Insecure Direct Object Reference IDOR vulnerability, an attacker could have potentially added, deleted, or updated rules for other users' pixel events in the TikTok ads portal. We thank @bubbounty for reporting this to our team and confirming the resolution. This report is one of my...

2.6AI score
Exploits0
Rows per page
Query Builder