Vulnerabilities > Adrotateplugin
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-02-27 | CVE-2014-1854 | SQL Injection vulnerability in Adrotateplugin Adrotate SQL injection vulnerability in library/clicktracker.php in the AdRotate Pro plugin 3.9 through 3.9.5 and AdRotate Free plugin 3.9 through 3.9.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter. | 7.5 |
| 2011-12-02 | CVE-2011-4671 | SQL Injection vulnerability in Adrotateplugin Adrotate SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other versions before 3.6.8, for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter (aka redirect URL). | 7.5 |