Open Proxy Vulnerability in Google Adsense and Hotel Booking Plugin by WordPress
CVE-2015-1000009

9.1CRITICAL

Key Information:

Vendor: Wordpress
Status: Google-adsense-and-hotel-booking
Vendor: CVE Published:; 6 October 2016

What is CVE-2015-1000009?

The Google Adsense and Hotel Booking Plugin for WordPress contains a vulnerability that allows an attacker to exploit an open proxy configuration. This can expose sensitive user information and allow unauthorized access to the network, potentially leading to further attacks or data breaches. Users are urged to apply the necessary patches or updates to mitigate any risks associated with this issue.

References

http://www.vapidlabs.com/advisory.php?v=151

x_refsource_MISC

EPSS Score

5% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 6, 2016
Vulnerability Reserved
Jun 7, 2016

Wordpress

What is CVE-2015-1000009?

References

EPSS Score

CVSS V3.1

Timeline