2 matches found
CVE-2022-1695
The WP Simple Adsense Insertion WordPress plugin before 2.1 does not perform CSRF checks on updates to its admin page, allowing an attacker to trick a logged in user to manipulate ads and inject arbitrary javascript via submitting a form...
CVE-2022-1695
CVE-2022-1695 affects the WordPress plugin WP Simple Adsense Insertion (before 2.1). The root cause is the absence of CSRF checks on updates to the plugin’s admin page, enabling an attacker to trick a logged-in user into submitting a form that can manipulate ads and inject arbitrary JavaScript. P...