Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-49169 | 1 Datafeedr | 1 Ads By Datafeedr.com | 2024-02-28 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in datafeedr.Com Ads by datafeedr.Com allows Stored XSS.This issue affects Ads by datafeedr.Com: from n/a through 1.2.0. | |||||
| CVE-2023-5843 | 1 Datafeedr | 1 Ads By Datafeedr.com | 2024-02-28 | N/A | 9.8 CRITICAL |
| The Ads by datafeedr.com plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 1.1.3 via the 'dfads_ajax_load_ads' function. This allows unauthenticated attackers to execute code on the server. The parameters of the callable function are limited, they cannot be specified arbitrarily. | |||||