Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ad Inserter Project Subscribe
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-15323 1 Ad Inserter Project 1 Ad Inserter 2023-02-24 5.0 MEDIUM 7.5 HIGH
The ad-inserter plugin before 2.4.20 for WordPress has path traversal.
CVE-2022-0901 1 Ad Inserter Project 1 Ad Inserter 2022-04-11 4.3 MEDIUM 6.1 MEDIUM
The Ad Inserter Free and Pro WordPress plugins before 2.7.12 do not sanitise and escape the REQUEST_URI before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters
CVE-2022-0288 2 Ad Inserter Pro Project, Ad Inserter Project 2 Ad Inserter Pro, Ad Inserter 2022-02-28 4.3 MEDIUM 6.1 MEDIUM
The Ad Inserter WordPress plugin before 2.7.10, Ad Inserter Pro WordPress plugin before 2.7.10 do not sanitise and escape the html_element_selection parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting
CVE-2015-9497 1 Ad Inserter Project 1 Ad Inserter 2019-10-23 6.8 MEDIUM 8.8 HIGH
The ad-inserter plugin before 1.5.3 for WordPress has CSRF with resultant XSS via wp-admin/options-general.php?page=ad-inserter.php.
CVE-2019-15324 1 Ad Inserter Project 1 Ad Inserter 2019-08-26 6.5 MEDIUM 8.8 HIGH
The ad-inserter plugin before 2.4.22 for WordPress has remote code execution.