Lucene search
K

23 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.11 views

CVE-2026-9236

The CM Ad Changer – A simple tool to control and optimize your site's banners plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.7. This is due to missing or incorrect nonce validation on the cmaccampaignsaction function. This makes it...

4.3CVSS5.5AI score0.00128EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 4:28 a.m.10 views

EUVD-2026-32051

The CM Ad Changer – A simple tool to control and optimize your site's banners plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.7. This is due to missing or incorrect nonce validation on the cmaccampaignsaction function. This makes it...

4.3CVSS5.9AI score0.00128EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/27 4:28 a.m.12 views

CVE-2026-9236 CM Ad Changer <= 2.0.7 - Cross-Site Request Forgery to Campaign Deletion via Campaign Management

The CM Ad Changer – A simple tool to control and optimize your site's banners plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.7. This is due to missing or incorrect nonce validation on the cmaccampaignsaction function. This makes it...

4.3CVSS5.9AI score0.00128EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

WordPress plugin CM Ad Changer 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.8AI score0.00128EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.15 views

PT-2026-43495

The CM Ad Changer – A simple tool to control and optimize your site's banners plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.7. This is due to missing or incorrect nonce validation on the cmac campaigns action function. This makes it...

4.3CVSS5.9AI score0.00128EPSS
Exploits0References6
Patchstack
Patchstack
added 2026/05/26 4:1 p.m.9 views

WordPress CM Ad Changer – A simple tool to control and optimize your site's banners plugin <= 2.0.7 - Cross-Site Request Forgery to Campaign Deletion vulnerability

Cross-Site Request Forgery to Campaign Deletion vulnerability discovered by jamaal in WordPress Plugin CM Ad Changer versions = 2.0.7...

4.3CVSS5.8AI score0.00128EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-12297

Malicious code in bioql PyPI...

8.8CVSS9AI score0.00146EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/25 11:32 p.m.5 views

CVE-2025-46245

Cross-Site Request Forgery CSRF vulnerability in CreativeMindsSolutions CM Ad Changer cm-ad-changer allows Cross Site Request Forgery.This issue affects CM Ad Changer: from n/a through = 2.0.5...

8.8CVSS7.2AI score0.00146EPSS
Exploits0References1
NVD
NVD
added 2025/04/22 10:15 a.m.7 views

CVE-2025-46245

Cross-Site Request Forgery CSRF vulnerability in CreativeMindsSolutions CM Ad Changer cm-ad-changer allows Cross Site Request Forgery.This issue affects CM Ad Changer: from n/a through = 2.0.5...

8.8CVSS0.00146EPSS
Exploits0References1
OSV
OSV
added 2025/04/22 10:15 a.m.3 views

CVE-2025-46245

Cross-Site Request Forgery CSRF vulnerability in CreativeMindsSolutions CM Ad Changer allows Cross Site Request Forgery. This issue affects CM Ad Changer: from n/a through 2.0.5...

8.8CVSS5.8AI score0.00146EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/22 9:53 a.m.5 views

CVE-2025-46245 WordPress CM Ad Changer plugin <= 2.0.5 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in CreativeMindsSolutions CM Ad Changer cm-ad-changer allows Cross Site Request Forgery.This issue affects CM Ad Changer: from n/a through = 2.0.5...

4.3CVSS7.2AI score0.00146EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/22 9:53 a.m.12 views

CVE-2025-46245 WordPress CM Ad Changer plugin <= 2.0.5 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in CreativeMindsSolutions CM Ad Changer cm-ad-changer allows Cross Site Request Forgery.This issue affects CM Ad Changer: from n/a through = 2.0.5...

4.3CVSS0.00146EPSS
Exploits0References1
CVE
CVE
added 2025/04/22 9:53 a.m.56 views

CVE-2025-46245

CVE-2025-46245 corresponds to a CSRF vulnerability in CreativeMindsSolutions CM Ad Changer (plugin for WordPress) affecting versions n/a through 2.0.5. The issue, as documented, leads to cross-site requests being forged without proper authorization. The connected patch stack entry recommends upgr...

8.8CVSS7.2AI score0.00146EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/04/22 12:0 a.m.2 views

WordPress plugin CM Ad Changer 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...

8.8CVSS8.6AI score0.00146EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/22 12:0 a.m.10 views

PT-2025-17510 · Unknown · Cm Ad Changer

Name of the Vulnerable Software and Affected Versions: CM Ad Changer versions n/a through 2.0.5 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows Cross Site Request Forgery. Recommendations: For versions n/a through 2.0.5, update to a version later than 2.0.5...

8.8CVSS9AI score0.00146EPSS
Exploits0References6
Patchstack
Patchstack
added 2025/02/03 3:52 p.m.4 views

WordPress CM Ad Changer plugin <= 1.9.8 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin CM Ad Changer versions = 1.9.8...

7.1CVSS6.1AI score0.00363EPSS
Exploits0Affected Software1
Vulnerability Lab
Vulnerability Lab
added 2016/06/13 12:0 a.m.32 views

CM Ad Changer 1.7.7 WP Plugin - Cross Site Vulnerability

Document Title: =============== CM Ad Changer 1.7.7 WP Plugin - Cross Site Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1856 Release Date: ============= 2016-06-13 Vulnerability Laboratory ID VL-ID: ====================================...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2016/06/12 12:0 a.m.25 views

CM Ad Changer 1.7.7 WP Plugin - Cross Site Vulnerability

Document Title: =============== CM Ad Changer 1.7.7 WP Plugin - Cross Site Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1856 Release Date: ============= 2016-06-12 Vulnerability Laboratory ID VL-ID: ====================================...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2016/06/11 12:0 a.m.34 views

WordPress CM Ad Changer 1.7.7 Cross Site Scripting

Exploit Title: CM Ad Changer Plugin XSS Date: 9/6/2016 Exploit Author: Aaditya Purani Author Homepage: https://aadityapurani.com Vendor Homepage: https://ad-changer.cminds.com Software Link: https://downloads.wordpress.org/plugins/cm-ad-changer.zip Updated Version: 1.7.7 Tested on: Wordpress 4.5....

7.4AI score
Exploits0
WPVulnDB
WPVulnDB
added 2016/06/09 12:0 a.m.15 views

CM Ad Changer <= 1.7.7 - Stored Cross-Site Scripting (XSS)

An Stored Cross Site Scripting was reported by the author to CM Ad Plugins under which an unprivileged user can trigger a Stored XSS to perform malicious actions or any attacker could send a crafted link CSRF which can trigger the Stored XSS. PoC 1 Go to CM Ad changers - Campaigns 2 Create a...

1.1AI score
Exploits0References1Affected Software1
Rows per page
Query Builder