{"vulnerability": "cve-2015-20105", "sightings": [{"uuid": "a1c06f7f-5733-46a3-afee-ccdae7e912af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2015-20105", "type": "seen", "source": "https://t.me/cibsecurity/33274", "content": "\u203c CVE-2015-20105 \u203c\n\nThe ClickBank Affiliate Ads WordPress plugin through 1.20 does not have CSRF check when saving its settings, allowing attacker to make logged in admin change them via a CSRF attack. Furthermore, due to the lack of escaping when they are outputting, it could also lead to Stored Cross-Site Scripting issues\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-02T20:37:01.000000Z"}]}