VYPR

Ad Inserter – Ad Manager & AdSense Ads

by WordPress

CVEs (3)

  • CVE-2025-11745MedNov 5, 2025
    risk 0.42cvss 6.4epss 0.00

    The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom field through the plugin's 'adinserter' shortcode in all versions up to, and including, 2.8.7 due to insufficient input sanitization and output escaping on…

  • CVE-2026-9280MedJun 6, 2026
    risk 0.40cvss 6.1epss 0.00

    The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL Parameters in iframe Mode in all versions up to, and including, 2.8.15 due to insufficient input sanitization and output escaping. This makes it possible for…

  • CVE-2025-22623MedMar 6, 2025
    risk 0.33cvss epss 0.00

    Ad Inserter - Ad Manager and AdSense Ads 2.8.0 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/includes/dst/dst.php.