CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18487 – AdPush <= 1.43 - Multiple Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-18487
The adsense-plugin (aka Google AdSense) plugin before 1.44 for WordPress has multiple XSS issues. El complemento adsense-plugin (también conocido como Google AdSense) versión anteriores a 1.44 para WordPress tiene múltiples problemas XSS. The AdPush plugin for WordPress is vulnerable to multiple Cross-Site Scripting in versions up to, and including, 1.43 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts that execute in a victim's browser. • https://wordpress.org/plugins/adsense-plugin/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1000009 – Google Adsense and Hotel Booking <= 1.05 - Open Proxy
https://notcve.org/view.php?id=CVE-2015-1000009
Open proxy in Wordpress plugin google-adsense-and-hotel-booking v1.05 Proxy abierto en plugin de Wordpress google-adsense-and-hotel-booking v1.05 • http://www.vapidlabs.com/advisory.php?v=151 • CWE-284: Improper Access Control •