WordPress Plugin Vulnerabilities

Ads for WP <= 1.5 - XSS & Lack of Authorisation

Description

The Ads for WP – Advanced Ads & Adsense Solution for WP & AMP WordPress plugin was affected by a XSS & Lack of Authorisation security vulnerability.

Affects Plugins

Plugin icon
ads-for-wp
Fixed in 1.6

References

URL
https://plugins.trac.wordpress.org/changeset?reponame=&new=2057547%40ads-for-wp&old=2043726%40ads-for-wp

Miscellaneous

Verified
No
WPVDB ID
43a5814f-1550-4d5d-9eea-61f55c2fe83a

Timeline

Publicly Published
2019-03-25 (about 7 years ago)
Added
2019-06-25 (about 6 years ago)
Last Updated
2019-06-25 (about 6 years ago)

Other

Published
Title
Published
2018-10-02
Title
Companion Auto Update <= 3.2.0 - CSRF & LFI
Published
2020-03-23
Title
WPvivid Backup < 0.9.36 - Missing Authorization Leading To Database Leak
Published
2021-07-10
Title
ProfilePress < 3.1.11 - Multiple Vulnerabilities
Published
2021-07-02
Title
Workreap < 2.2.2 - Multiple CSRF + IDOR Vulnerabilities
Published
2019-06-22
Title
Import users from CSV with meta < 1.14.2.2 - CSRF leading to attachment deletion & Path Traversal