2 matches found
CVE-2022-3427
CVE-2022-3427 affects the Corner Ad plugin for WordPress up to version 1.0.56. The root cause is missing or incorrect nonce validation on the corner_ad_settings_page function, enabling Cross-Site Request Forgery. This allows unauthenticated attackers to trigger deletion of ads via forged requests...
CVE-2017-18579
CVE-2017-18579 affects the Corner Ad WordPress plugin prior to 1.0.8. The vulnerability is a cross-site scripting (XSS) flaw in the plugin. The CNVD entry states that an attacker can exploit this vulnerability to execute client-side code; NVD details show a network-facing vector with at least par...