Lucene search
K

131 matches found

CVE
CVE
added 2024/08/20 3:21 a.m.109 views

CVE-2022-1206

CVE-2022-1206 concerns the WordPress plugin AdRotate Banner Manager. The vulnerability is an arbitrary file upload caused by missing file extension sanitization in the adrotate_insert_media() function, affecting all versions up to and including 5.13.2. It requires authenticated access at administ...

7.2CVSS7.3AI score0.00966EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/08/20 3:21 a.m.37 views

CVE-2022-1206 AdRotate – Ad manager & AdSense Ads <= 5.13.2 - Authenticated (Admin+) Double Extension Arbitrary File Upload

The AdRotate Banner Manager – The only ad manager you'll need plugin for WordPress is vulnerable to arbitrary file uploads due to missing file extension sanitization in the adrotateinsertmedia function in all versions up to, and including, 5.13.2. This makes it possible for authenticated attacker...

7.2CVSS0.00966EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/08/20 12:40 a.m.4 views

WordPress AdRotate plugin <= 5.13.2 - Authenticated (Admin+) Double Extension Arbitrary File Upload vulnerability

Authenticated Admin+ Double Extension Arbitrary File Upload vulnerability discovered by Jorgson in WordPress Plugin AdRotate versions = 5.13.2...

7.2CVSS7AI score0.00966EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.7 views

PT-2024-11506 · WordPress · Adrotate Banner Manager

Name of the Vulnerable Software and Affected Versions: The AdRotate Banner Manager – The only ad manager you'll need plugin for WordPress versions up to, and including, 5.13.2 Description: The issue is related to arbitrary file uploads due to missing file extension sanitization in the adrotate...

7.2CVSS7.7AI score0.00966EPSS
Exploits0References6
Patchstack
Patchstack
added 2024/08/20 12:0 a.m.17 views

WordPress AdRotate Plugin <= 5.13.2 is vulnerable to Arbitrary File Upload

Software AdRotate Type Plugin Vulnerable versions = 5.13.2 Fixed in N/A OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2022-1206 Patch priority Low CVSS severity Low 7.2 Developer Claim ownership PSID f703ac87a2d0 Credits Jorgson Required privilege Administrator Published...

7.2CVSS6.9AI score0.00966EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/08/20 12:0 a.m.6 views

WordPress plugin AdRotate Banner Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

7.2CVSS6.7AI score0.00966EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/10/12 12:0 a.m.17 views

WordPress AdRotate Manage Banner Plugin < 5.3 SQLi Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adrotatebannermanagerproject:adrotatebannermanager";...

7.2CVSS7AI score0.01502EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2023/08/17 12:0 a.m.11 views

WordPress AdRotate Manage Banner Plugin < 5.9.1 CSRF Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adrotatebannermanagerproject:adrotatebannermanager";...

8.8CVSS7AI score0.00264EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/12/09 12:0 a.m.58 views

WordPress Plugin 'AdRotate Banner Manager' < 5.9.1 XSRF

The WordPress application running on the remote host has a version of the 'AdRotate Banner Manager' plugin that is prior to 5.9.1. It is, therefore, affected by a cross-site request forgery XSRF vulnerability. A remote attacker can, with the interaction of a privileged user, execute actions, such...

8.8CVSS7.8AI score0.00264EPSS
Exploits0References2
NVD
NVD
added 2022/11/30 1:15 p.m.15 views

CVE-2022-26366

Cross-Site Request Forgery CSRF in AdRotate Banner Manager Plugin = 5.9 on WordPress...

8.8CVSS0.00264EPSS
Exploits0References1
OSV
OSV
added 2022/11/30 1:15 p.m.5 views

CVE-2022-26366

Cross-Site Request Forgery CSRF in AdRotate Banner Manager Plugin = 5.9 on WordPress...

8.8CVSS5.8AI score0.00264EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/11/30 1:15 p.m.4 views

CVE-2022-26366

Cross-Site Request Forgery CSRF in AdRotate Banner Manager Plugin = 5.9 on WordPress...

8.8CVSS8AI score0.00264EPSS
Exploits0References2
Prion
Prion
added 2022/11/30 1:15 p.m.24 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF in AdRotate Banner Manager Plugin = 5.9 on WordPress...

6.8CVSS8.8AI score0.00264EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/11/30 12:30 p.m.32 views

CVE-2022-26366 WordPress AdRotate Banner Manager Plugin <= 5.9 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF in AdRotate Banner Manager Plugin = 5.9 on WordPress...

5.4CVSS9.1AI score0.00264EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/11/30 12:30 p.m.9 views

CVE-2022-26366 WordPress AdRotate Banner Manager Plugin <= 5.9 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF in AdRotate Banner Manager Plugin = 5.9 on WordPress...

5.4CVSS6.5AI score0.00264EPSS
Exploits0References1
CVE
CVE
added 2022/11/30 12:30 p.m.96 views

CVE-2022-26366

CVE-2022-26366 affects the WordPress AdRotate Banner Manager Plugin, specifically versions &lt;= 5.9. It describes a CSRF/XSRF vulnerability that can enable an attacker to perform privileged actions (e.g., password changes) under a user’s authentication. The issue is tied to ads/banner management...

8.8CVSS7.2AI score0.00264EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/11/30 12:0 a.m.5 views

WordPress plugin AdRotate Banner Manager 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

8.8CVSS7.7AI score0.00264EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/11/30 12:0 a.m.7 views

PT-2022-17814 · WordPress · Adrotate Banner Manager Plugin

Name of the Vulnerable Software and Affected Versions: AdRotate Banner Manager Plugin versions = 5.9 Description: The issue is related to Cross-Site Request Forgery CSRF in the AdRotate Banner Manager Plugin on WordPress. Recommendations: For AdRotate Banner Manager Plugin versions = 5.9, update ...

8.8CVSS8.6AI score0.00264EPSS
Exploits0References4
WPVulnDB
WPVulnDB
added 2022/11/11 12:0 a.m.22 views

AdRotate Banner Manager < 5.9.1 - Password Change via CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make a logged admin change their password via CSRF attacks...

8.8CVSS5.3AI score0.00264EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/11/11 12:0 a.m.19 views

WordPress AdRotate Banner Manager plugin <= 5.9 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities

Multiple Cross-Site Request Forgery CSRF vulnerabilities leading to resetting some of the maintenance settings Reset tasks, Disable the third party, Update Database were discovered by Muhammad Daffa Patchstack Alliance in the WordPress AdRotate Banner Manager plugin versions = 5.9. Solution...

2AI score0.00264EPSS
Exploits0Affected Software1
Rows per page
Query Builder