23 matches found
CVE-2026-9236
The CM Ad Changer – A simple tool to control and optimize your site's banners plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.7. This is due to missing or incorrect nonce validation on the cmaccampaignsaction function. This makes it...
EUVD-2026-32051
The CM Ad Changer – A simple tool to control and optimize your site's banners plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.7. This is due to missing or incorrect nonce validation on the cmaccampaignsaction function. This makes it...
CVE-2026-9236 CM Ad Changer <= 2.0.7 - Cross-Site Request Forgery to Campaign Deletion via Campaign Management
The CM Ad Changer – A simple tool to control and optimize your site's banners plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.7. This is due to missing or incorrect nonce validation on the cmaccampaignsaction function. This makes it...
WordPress plugin CM Ad Changer 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-43495
The CM Ad Changer – A simple tool to control and optimize your site's banners plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.7. This is due to missing or incorrect nonce validation on the cmac campaigns action function. This makes it...
WordPress CM Ad Changer – A simple tool to control and optimize your site's banners plugin <= 2.0.7 - Cross-Site Request Forgery to Campaign Deletion vulnerability
Cross-Site Request Forgery to Campaign Deletion vulnerability discovered by jamaal in WordPress Plugin CM Ad Changer versions = 2.0.7...
EUVD-2025-12297
Malicious code in bioql PyPI...
CVE-2025-46245
Cross-Site Request Forgery CSRF vulnerability in CreativeMindsSolutions CM Ad Changer cm-ad-changer allows Cross Site Request Forgery.This issue affects CM Ad Changer: from n/a through = 2.0.5...
CVE-2025-46245
Cross-Site Request Forgery CSRF vulnerability in CreativeMindsSolutions CM Ad Changer cm-ad-changer allows Cross Site Request Forgery.This issue affects CM Ad Changer: from n/a through = 2.0.5...
CVE-2025-46245
Cross-Site Request Forgery CSRF vulnerability in CreativeMindsSolutions CM Ad Changer allows Cross Site Request Forgery. This issue affects CM Ad Changer: from n/a through 2.0.5...
CVE-2025-46245 WordPress CM Ad Changer plugin <= 2.0.5 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in CreativeMindsSolutions CM Ad Changer cm-ad-changer allows Cross Site Request Forgery.This issue affects CM Ad Changer: from n/a through = 2.0.5...
CVE-2025-46245 WordPress CM Ad Changer plugin <= 2.0.5 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in CreativeMindsSolutions CM Ad Changer cm-ad-changer allows Cross Site Request Forgery.This issue affects CM Ad Changer: from n/a through = 2.0.5...
CVE-2025-46245
CVE-2025-46245 corresponds to a CSRF vulnerability in CreativeMindsSolutions CM Ad Changer (plugin for WordPress) affecting versions n/a through 2.0.5. The issue, as documented, leads to cross-site requests being forged without proper authorization. The connected patch stack entry recommends upgr...
WordPress plugin CM Ad Changer 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...
PT-2025-17510 · Unknown · Cm Ad Changer
Name of the Vulnerable Software and Affected Versions: CM Ad Changer versions n/a through 2.0.5 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows Cross Site Request Forgery. Recommendations: For versions n/a through 2.0.5, update to a version later than 2.0.5...
WordPress CM Ad Changer plugin <= 1.9.8 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin CM Ad Changer versions = 1.9.8...
CM Ad Changer 1.7.7 WP Plugin - Cross Site Vulnerability
Document Title: =============== CM Ad Changer 1.7.7 WP Plugin - Cross Site Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1856 Release Date: ============= 2016-06-13 Vulnerability Laboratory ID VL-ID: ====================================...
CM Ad Changer 1.7.7 WP Plugin - Cross Site Vulnerability
Document Title: =============== CM Ad Changer 1.7.7 WP Plugin - Cross Site Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1856 Release Date: ============= 2016-06-12 Vulnerability Laboratory ID VL-ID: ====================================...
WordPress CM Ad Changer 1.7.7 Cross Site Scripting
Exploit Title: CM Ad Changer Plugin XSS Date: 9/6/2016 Exploit Author: Aaditya Purani Author Homepage: https://aadityapurani.com Vendor Homepage: https://ad-changer.cminds.com Software Link: https://downloads.wordpress.org/plugins/cm-ad-changer.zip Updated Version: 1.7.7 Tested on: Wordpress 4.5....
CM Ad Changer <= 1.7.7 - Stored Cross-Site Scripting (XSS)
An Stored Cross Site Scripting was reported by the author to CM Ad Plugins under which an unprivileged user can trigger a Stored XSS to perform malicious actions or any attacker could send a crafted link CSRF which can trigger the Stored XSS. PoC 1 Go to CM Ad changers - Campaigns 2 Create a...