Vulnerabilities > AD Inserter Project > AD Inserter > 2.4.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-20 | CVE-2023-4668 | Missing Authorization vulnerability in AD Inserter Project AD Inserter The Ad Inserter for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.30 via the ai-debug-processing-fe URL parameter. | 7.5 |
| 2023-05-15 | CVE-2023-1549 | Unspecified vulnerability in AD Inserter Project AD Inserter The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present | 7.2 |
| 2022-02-21 | CVE-2022-0288 | Cross-site Scripting vulnerability in multiple products The Ad Inserter WordPress plugin before 2.7.10, Ad Inserter Pro WordPress plugin before 2.7.10 do not sanitise and escape the html_element_selection parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting | 4.3 |
| 2019-08-22 | CVE-2019-15324 | Improper Input Validation vulnerability in AD Inserter Project AD Inserter The ad-inserter plugin before 2.4.22 for WordPress has remote code execution. | 6.5 |
| 2019-08-22 | CVE-2019-15323 | Path Traversal vulnerability in AD Inserter Project AD Inserter The ad-inserter plugin before 2.4.20 for WordPress has path traversal. | 7.5 |