Adrotateplugin Adrotate vulnerabilities
2 known vulnerabilities affecting adrotateplugin/adrotate.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2014-1854P3HIGHCVSS 7.5PoCv3.9.v3.9.1+4 more2014-02-27
CVE-2014-1854 [HIGH] CWE-89 CVE-2014-1854: SQL injection vulnerability in library/clicktracker.php in the AdRotate Pro plugin 3.9 through 3.9.5
SQL injection vulnerability in library/clicktracker.php in the AdRotate Pro plugin 3.9 through 3.9.5 and AdRotate Free plugin 3.9 through 3.9.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter.
nvd
CVE-2011-4671P3HIGHCVSS 7.5PoC≤ 3.6.7v0.1+45 more2011-12-02
CVE-2011-4671 [HIGH] CWE-89 CVE-2011-4671: SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other ver
SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other versions before 3.6.8, for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter (aka redirect URL).
nvd