Ad_inserter_project Ad_inserter
7 CVEs affecting Ad_inserter_project Ad_inserter. Latest disclosed: 2023-10-20. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2015-9497 | High | 8.8 | 2019-10-22 | The ad-inserter plugin before 1.5.3 for WordPress has CSRF with resultant XSS via wp-admin/options-general.php?page=ad-inserter.php. |
CVE-2019-15324 | High | 8.8 | 2019-08-22 | The ad-inserter plugin before 2.4.22 for WordPress has remote code execution. |
CVE-2019-15323 | High | 7.5 | 2019-08-22 | The ad-inserter plugin before 2.4.20 for WordPress has path traversal. |
CVE-2023-1549 | High | 7.2 | 2023-05-15 | The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings, which could allow high privilege users such as admin to perfo… |
CVE-2022-0901 | Medium | 6.1 | 2022-04-04 | The Ad Inserter Free and Pro WordPress plugins before 2.7.12 do not sanitise and escape the REQUEST_URI before outputting it back in an admin page, leading to… |
CVE-2022-0288 | Medium | 6.1 | 2022-02-21 | The Ad Inserter WordPress plugin before 2.7.10, Ad Inserter Pro WordPress plugin before 2.7.10 do not sanitise and escape the html_element_selection parameter… |
CVE-2023-4668 | Medium | 5.3 | 2023-10-20 | The Ad Inserter for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.30 via the ai-debug-processing-fe URL param… |