IDCVSSSummaryLast (major) updatePublished
CVE-2015-20105 6.8
The ClickBank Affiliate Ads WordPress plugin through 1.20 does not have CSRF check when saving its settings, allowing attacker to make logged in admin change them via a CSRF attack. Furthermore, due to the lack of escaping when they are outputting, i
04-12-2021 - 02:37 02-12-2021 - 18:15
CVE-2015-20106 3.5
The ClickBank Affiliate Ads WordPress plugin through 1.20 does not escape its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed.
04-12-2021 - 02:33 02-12-2021 - 18:15
Back to Top Mark selected
Back to Top