ad_inserter_project CVE 脆弱性と CVE 一覧(7)

製品(CPE): — CVE 件数: 7

ad_inserter_project 脆弱性概要

ad_inserter_project 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。

公開された問題は vendor risk csrf、パス処理の欠陥, and vendor risk input validation に関連することが多く、vendor surface production workloads and vendor surface software deployment の文脈で vendor impact unexpected behavior and ファイル上書き などの暴露リスクを伴う場合があります。

掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。

脆弱性分布の推移(直近24か月)

表示中 17 / 7 CVE 件数
«« 先頭 « 前へ 1 / 1 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2023-4668 The Ad Inserter for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.30 via the ai-debug-processing-fe URL parameter. This can allow unauthenticated attackers to extract sensitive data including installed plugins (present and active), active theme, various plugin settings, WordPress version, as well as some server settings such as memory limit, installation paths. [email protected] 5.3 0.51% 2023-10-20 2026-06-17
CVE-2023-1549 The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present [email protected] 7.2 16.90% 2023-05-15 2026-06-17
CVE-2022-0901 The Ad Inserter Free and Pro WordPress plugins before 2.7.12 do not sanitise and escape the REQUEST_URI before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters [email protected] 6.1 3.54% 2022-04-04 2026-06-17
CVE-2022-0288 The Ad Inserter WordPress plugin before 2.7.10, Ad Inserter Pro WordPress plugin before 2.7.10 do not sanitise and escape the html_element_selection parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting [email protected] 6.1 2.39% 2022-02-21 2026-06-17
CVE-2015-9497 The ad-inserter plugin before 1.5.3 for WordPress has CSRF with resultant XSS via wp-admin/options-general.php?page=ad-inserter.php. [email protected] 8.8 0.98% 2019-10-22 2026-06-16
CVE-2019-15324 The ad-inserter plugin before 2.4.22 for WordPress has remote code execution. [email protected] 8.8 3.64% 2019-08-22 2026-06-16
CVE-2019-15323 The ad-inserter plugin before 2.4.20 for WordPress has path traversal. [email protected] 7.5 2.03% 2019-08-22 2026-06-16
«« 先頭 « 前へ 1 / 1 次へ »
cvelogic Threat Intelligence