Woody Ad Snippets Security Vulnerabilities and Issues — Woody Ad Snippets CVE List

Lucene search

WebcrafticWoody Ad Snippets

4 matches found

CVE•added 2019/09/13 3:15 p.m.•218 views

CVE-2019-16289

The insert-php (aka Woody ad snippets) plugin before 2.2.8 for WordPress allows authenticated XSS via the winp_item parameter.

5.4CVSS5.2AI score0.00416EPSS

CVE•added 2019/08/08 8:15 p.m.•64 views

CVE-2019-14773

admin/includes/class.actions.snippet.php in the "Woody ad snippets" plugin through 2.2.5 for WordPress allows wp-admin/admin-post.php?action=close&post= deletion.

7.5CVSS7.5AI score0.00254EPSS

CVE•added 2019/09/03 7:15 a.m.•61 views

CVE-2019-15858

admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code execution.

8.8CVSS8.7AI score0.59563EPSS

CVE•added 2024/06/15 9:15 a.m.•51 views

CVE-2024-3105

The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.5.0 via the 'insert_php' shortcode. This is due to the plugin not restricting the usage of the functionality to high level authorized ...

9.9CVSS9.6AI score0.48453EPSS