cleantalk
Vulnerabilities and Security Researches

Ad Inserter – Ad Manager & AdSense Ads, CVE-2022-0901

CVE, Research URL

CVE-2022-0901

Home page URL

Security reports for Ad Inserter – Ad Manager & AdSense Ads

Application

Ad Inserter – Ad Manager & AdSense Ads

Published on
Apr 04, 2022
Research Description
The Ad Inserter Free and Pro WordPress plugins before 2.7.12 do not sanitise and escape the REQUEST_URI before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters
Affected versions
max 1.5.6.
Status
vulnerable
Previous vulnerability researches
Ad Inserter – Ad Manager & AdSense Ads (CVE-2024-49248) , Oct 18, 2024
Ad Inserter – Ad Manager & AdSense Ads (CVE-2025-22623) , Mar 07, 2025
Ad Inserter – Ad Manager & AdSense Ads (CVE-2022-0288) , Jun 06, 2024
Ad Inserter – Ad Manager & AdSense Ads (CVE-2025-11745) , Nov 11, 2025
Ad Inserter – Ad Manager & AdSense Ads (CVE-2015-9497) , Jun 06, 2024
New vulnerability
Wikipedia Preview (CVE-2025-52738) , Nov 11, 2025
Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (CVE-2025-62973) , Nov 11, 2025
GoCache (CVE-2025-62966) , Nov 11, 2025
WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc (CVE-2025-62006) , Nov 11, 2025
Ai Auto Tool Content Writing Assistant (Bard Writer, ChatGPT ) All in One (CVE-2025-12156) , Nov 11, 2025