Acnam: >> Ad Invalid Click Protector >> 1.2.3 Security Vulnerabilities
The Ad Invalid Click Protector (AICP) WordPress plugin before 1.2.7 does not have CSRF check deleting banned users, which could allow attackers to make a logged in admin remove arbitrary bans
CVSS Score
6.5
EPSS Score
0.001
Published
2022-05-02
The Ad Invalid Click Protector (AICP) WordPress plugin before 1.2.6 is affected by a SQL Injection in the id parameter of the delete action.
CVSS Score
8.8
EPSS Score
0.005
Published
2022-02-14