. contents:: Table Of Content
This plugin is vulnerable to a Stored cross site scripting vulnerability,This issue was exploited when administrator users with access to AdPlugg Setting in wordpress Access code parameter is vulnerable for stored XSS. A malicious administration can hijack other users session, take control of another administrator's browser or install malware on their computer.
Cross Site Scripting (https://www.owasp.org/index.php/Top_10_2013-A3-Cross-Site_Scripting_(XSS)
After installing the plugin
Update to Version 1.1.34
https://wordpress.org/plugins/adplugg/changelog/
18-February-2015 reported to developer
19-February-2015 Developer acknodlage the Bug
19-February-2015 Developer Patched the Bug and Push update
21-February-2015 Public Discloser