CVEs-PoC/2015/CVE-2015-9497.md

CVE-2015-9497

Description

The ad-inserter plugin before 1.5.3 for WordPress has CSRF with resultant XSS via wp-admin/options-general.php?page=ad-inserter.php.

POC

Reference

• https://packetstormsecurity.com/files/131798/
• https://packetstormsecurity.com/files/131798/
• https://wpvulndb.com/vulnerabilities/7974
• https://wpvulndb.com/vulnerabilities/7974

Github

• https://github.com/ARPSyndicate/cvemon