CSRF Vulnerability in WP Simple Adsense Insertion WordPress Plugin

CSRF Vulnerability in WP Simple Adsense Insertion WordPress Plugin

CVE-2022-1695 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

The WP Simple Adsense Insertion WordPress plugin before 2.1 does not perform CSRF checks on updates to its admin page, allowing an attacker to trick a logged in user to manipulate ads and inject arbitrary javascript via submitting a form.

Learn more about our Wordpress Pen Testing.