Reflected XSS Vulnerability Discovered in Advanced Ads – Ad Manager & AdSense < 1.17.4
https://labs.sucuri.netThe Advanced Ads – Ad Manager & AdSense WordPress plugin has 100,000+ active installations and can be used as a simple ad manager plugin to manage and run Google AdSense, Google Ad Manager (DFP), Amazon ads, or media.net Ads. In versions prior to 1.17.4, there is a vulnerability that allows attackers to exploit two reflected XSS attacks via the admin dashboard.
The issue has been fixed in Version 1.17.4 which is available now from the WordPress Plugin Repo.