Webcraftic Woody Ad Snippets — known CVE vulnerabilities
Every CVE whose affected-product data names Webcraftic Woody Ad Snippets, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2019-15858 — CVSS 8.8 (high): admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import…
CVE-2019-14773 — CVSS 7.5 (high): admin/includes/class.actions.snippet.php in the "Woody ad snippets" plugin through 2.2.5 for WordPress allows wp-admin/admin-post.php?action…
CVE-2019-16289 — CVSS 5.4 (medium): The insert-php (aka Woody ad snippets) plugin before 2.2.8 for WordPress allows authenticated XSS via the winp_item parameter.