Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
WebcrafticWoody Ad Snippets

3 matches found

CVE
CVEadded 2019/09/13 3:15 p.m.218 views

CVE-2019-16289

The insert-php (aka Woody ad snippets) plugin before 2.2.8 for WordPress allows authenticated XSS via the winp_item parameter.

5.4CVSS5.2AI score0.00416EPSS
CVE
CVEadded 2019/08/08 8:15 p.m.64 views

CVE-2019-14773

admin/includes/class.actions.snippet.php in the "Woody ad snippets" plugin through 2.2.5 for WordPress allows wp-admin/admin-post.php?action=close&post= deletion.

7.5CVSS7.5AI score0.00254EPSS
CVE
CVEadded 2019/09/03 7:15 a.m.61 views

CVE-2019-15858

admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code execution.

8.8CVSS8.7AI score0.59182EPSS