VYPR

Woody ad snippets

by WordPress

CVEs (3)

  • CVE-2019-15858HigSep 3, 2019
    risk 0.59cvss 8.8epss 0.21

    admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code execution.

  • CVE-2019-14773HigAug 8, 2019
    risk 0.49cvss 7.5epss 0.02

    admin/includes/class.actions.snippet.php in the "Woody ad snippets" plugin through 2.2.5 for WordPress allows wp-admin/admin-post.php?action=close&post= deletion.

  • CVE-2024-35751MedJun 8, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Creative Motion, Will Bontrager Software, LLC Woody ad snippets allows Stored XSS.This issue affects Woody ad snippets: from n/a through 2.4.10.