Vulnerabilities > Ajdg

DATE CVE VULNERABILITY TITLE RISK
2022-05-02 CVE-2022-0649 Cross-site Scripting vulnerability in Ajdg Adrotate
The AdRotate WordPress plugin before 5.8.23 does not escape Group Names, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
network
ajdg CWE-79
3.5
2022-05-02 CVE-2022-0662 Cross-site Scripting vulnerability in Ajdg Adrotate
The AdRotate WordPress plugin before 5.8.23 does not sanitise and escape Advert Names which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
network
ajdg CWE-79
3.5
2021-03-18 CVE-2021-24138 SQL Injection vulnerability in Ajdg Adrotate
Unvalidated input in the AdRotate WordPress plugin, versions before 5.8.4, leads to Authenticated SQL injection via param "id".
network
low complexity
ajdg CWE-89
5.5
2019-07-23 CVE-2019-13570 SQL Injection vulnerability in Ajdg Adrotate
The AJdG AdRotate plugin before 5.3 for WordPress allows SQL Injection.
network
low complexity
ajdg CWE-89
6.5