Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total4
Critical0
High1
Medium3
Reset
Showing 1-4 of 4 records
Threat Entry Updated 2024-11-21

CVE-2022-0662 - Adrotate Plugin

The AdRotate WordPress plugin before 5.8.23 does not sanitise and escape Advert Names which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

PLUGIN Adrotate

CVE-2022-0662

MEDIUM CVSS 4.8 2022-05-02
Open Full Technical Breakdown
Threat Entry Updated 2024-11-21

CVE-2022-0649 - Adrotate Plugin

The AdRotate WordPress plugin before 5.8.23 does not escape Group Names, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

PLUGIN Adrotate

CVE-2022-0649

MEDIUM CVSS 4.8 2022-05-02
Open Full Technical Breakdown
Threat Entry Updated 2024-11-21

CVE-2022-0267 - Adrotate Plugin

The AdRotate WordPress plugin before 5.8.22 does not sanitise and escape the adrotate_action before using it in a SQL statement via the adrotate_request_action function available to admins, leading to a SQL injection

PLUGIN Adrotate

CVE-2022-0267

HIGH CVSS 7.2 2022-03-07
Open Full Technical Breakdown
Threat Entry Updated 2024-11-21

CVE-2021-24138 - Adrotate Plugin

Unvalidated input in the AdRotate WordPress plugin, versions before 5.8.4, leads to Authenticated SQL injection via param "id". This requires an admin privileged user.

PLUGIN Adrotate

CVE-2021-24138

MEDIUM CVSS 5.5 2021-03-18
Open Full Technical Breakdown
Scroll to top