Vulnerabilities > AD Inserter Project > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-04 | CVE-2022-0901 | Unspecified vulnerability in AD Inserter Project AD Inserter The Ad Inserter Free and Pro WordPress plugins before 2.7.12 do not sanitise and escape the REQUEST_URI before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters | 6.1 |
| 2022-02-21 | CVE-2022-0288 | The Ad Inserter WordPress plugin before 2.7.10, Ad Inserter Pro WordPress plugin before 2.7.10 do not sanitise and escape the html_element_selection parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting | 6.1 |