Ad Inserter@* Security Vulnerabilities and Issues — Ad Inserter@* CVE List

Lucene search

Ad Inserter ProjectAd Inserter*

7 matches found

CVE•added 2019/10/22 9:15 p.m.•111 views

CVE-2015-9497

The ad-inserter plugin before 1.5.3 for WordPress has CSRF with resultant XSS via wp-admin/options-general.php?page=ad-inserter.php.

8.8CVSS8.3AI score0.00411EPSS

CVE•added 2022/02/21 11:15 a.m.•110 views

CVE-2022-0288

The Ad Inserter WordPress plugin before 2.7.10, Ad Inserter Pro WordPress plugin before 2.7.10 do not sanitise and escape the html_element_selection parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting

6.1CVSS6AI score0.0304EPSS

CVE•added 2022/04/04 4:15 p.m.•72 views

CVE-2022-0901

The Ad Inserter Free and Pro WordPress plugins before 2.7.12 do not sanitise and escape the REQUEST_URI before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters

6.1CVSS6AI score0.002EPSS

CVE•added 2023/10/20 8:15 a.m.•49 views

CVE-2023-4668

The Ad Inserter for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.30 via the ai-debug-processing-fe URL parameter. This can allow unauthenticated attackers to extract sensitive data including installed plugins (present and active), active theme, var...

7.5CVSS7.1AI score0.00641EPSS

CVE•added 2019/08/22 2:15 p.m.•47 views

CVE-2019-15323

The ad-inserter plugin before 2.4.20 for WordPress has path traversal.

7.5CVSS7.6AI score0.00734EPSS

CVE•added 2019/08/22 2:15 p.m.•44 views

CVE-2019-15324

The ad-inserter plugin before 2.4.22 for WordPress has remote code execution.

8.8CVSS9.1AI score0.08453EPSS

CVE•added 2023/05/15 1:15 p.m.•43 views

CVE-2023-1549

The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present

7.2CVSS7.2AI score0.1533EPSS