CVE-2023-4668

The Ad Inserter for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.30 via the ai-debug-processing-fe URL parameter. This can allow unauthenticated attackers to extract sensitive data including installed plugins (present and active), active theme, var...

CVE-2023-1549

The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present