cleantalk
Vulnerabilities and Security Researches

Woody code snippets – Insert Header Footer Code, AdSense Ads, CVE-2019-16289

CVE, Research URL

CVE-2019-16289

Home page URL

Security reports for Woody code snippets – Insert Header Footer Code, AdSense Ads

Application

Woody code snippets – Insert Header Footer Code, AdSense Ads

Published on
Sep 13, 2019
Research Description
The insert-php (aka Woody ad snippets) plugin before 2.2.8 for WordPress allows authenticated XSS via the winp_item parameter.
Affected versions
max 2.2.9.
Status
vulnerable
Previous vulnerability researches
Woody code snippets – Insert Header Footer Code, AdSense Ads (CVE-2019-15858) , Jun 07, 2024
Woody code snippets – Insert Header Footer Code, AdSense Ads (CVE-2019-14773) , Jun 07, 2024
Woody code snippets – Insert Header Footer Code, AdSense Ads (CVE-2021-4342) , Jun 07, 2024
Woody code snippets – Insert Header Footer Code, AdSense Ads (CVE-2019-16289) , Jun 07, 2024
Woody code snippets – Insert Header Footer Code, AdSense Ads (CVE-2020-36759) , Jun 07, 2024
New vulnerability
File Manager Pro – Filester , Mar 30, 2026
Simple Author Box , Mar 30, 2026
Customizable WordPress Gallery Plugin – Modula Image Gallery , Mar 30, 2026
Speed Optimizer – The All-In-One WordPress Performance-Boosting Plugin , Mar 30, 2026
Product Feed PRO for WooCommerce (CVE-2026-32443) , Mar 30, 2026