131 matches found
CVE-2022-1206
CVE-2022-1206 concerns the WordPress plugin AdRotate Banner Manager. The vulnerability is an arbitrary file upload caused by missing file extension sanitization in the adrotate_insert_media() function, affecting all versions up to and including 5.13.2. It requires authenticated access at administ...
CVE-2022-1206 AdRotate – Ad manager & AdSense Ads <= 5.13.2 - Authenticated (Admin+) Double Extension Arbitrary File Upload
The AdRotate Banner Manager – The only ad manager you'll need plugin for WordPress is vulnerable to arbitrary file uploads due to missing file extension sanitization in the adrotateinsertmedia function in all versions up to, and including, 5.13.2. This makes it possible for authenticated attacker...
WordPress AdRotate plugin <= 5.13.2 - Authenticated (Admin+) Double Extension Arbitrary File Upload vulnerability
Authenticated Admin+ Double Extension Arbitrary File Upload vulnerability discovered by Jorgson in WordPress Plugin AdRotate versions = 5.13.2...
PT-2024-11506 · WordPress · Adrotate Banner Manager
Name of the Vulnerable Software and Affected Versions: The AdRotate Banner Manager – The only ad manager you'll need plugin for WordPress versions up to, and including, 5.13.2 Description: The issue is related to arbitrary file uploads due to missing file extension sanitization in the adrotate...
WordPress AdRotate Plugin <= 5.13.2 is vulnerable to Arbitrary File Upload
Software AdRotate Type Plugin Vulnerable versions = 5.13.2 Fixed in N/A OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2022-1206 Patch priority Low CVSS severity Low 7.2 Developer Claim ownership PSID f703ac87a2d0 Credits Jorgson Required privilege Administrator Published...
WordPress plugin AdRotate Banner Manager 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
WordPress AdRotate Manage Banner Plugin < 5.3 SQLi Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adrotatebannermanagerproject:adrotatebannermanager";...
WordPress AdRotate Manage Banner Plugin < 5.9.1 CSRF Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adrotatebannermanagerproject:adrotatebannermanager";...
WordPress Plugin 'AdRotate Banner Manager' < 5.9.1 XSRF
The WordPress application running on the remote host has a version of the 'AdRotate Banner Manager' plugin that is prior to 5.9.1. It is, therefore, affected by a cross-site request forgery XSRF vulnerability. A remote attacker can, with the interaction of a privileged user, execute actions, such...
CVE-2022-26366
Cross-Site Request Forgery CSRF in AdRotate Banner Manager Plugin = 5.9 on WordPress...
CVE-2022-26366
Cross-Site Request Forgery CSRF in AdRotate Banner Manager Plugin = 5.9 on WordPress...
CVE-2022-26366
Cross-Site Request Forgery CSRF in AdRotate Banner Manager Plugin = 5.9 on WordPress...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF in AdRotate Banner Manager Plugin = 5.9 on WordPress...
CVE-2022-26366 WordPress AdRotate Banner Manager Plugin <= 5.9 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF in AdRotate Banner Manager Plugin = 5.9 on WordPress...
CVE-2022-26366 WordPress AdRotate Banner Manager Plugin <= 5.9 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF in AdRotate Banner Manager Plugin = 5.9 on WordPress...
CVE-2022-26366
CVE-2022-26366 affects the WordPress AdRotate Banner Manager Plugin, specifically versions <= 5.9. It describes a CSRF/XSRF vulnerability that can enable an attacker to perform privileged actions (e.g., password changes) under a user’s authentication. The issue is tied to ads/banner management...
WordPress plugin AdRotate Banner Manager 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
PT-2022-17814 · WordPress · Adrotate Banner Manager Plugin
Name of the Vulnerable Software and Affected Versions: AdRotate Banner Manager Plugin versions = 5.9 Description: The issue is related to Cross-Site Request Forgery CSRF in the AdRotate Banner Manager Plugin on WordPress. Recommendations: For AdRotate Banner Manager Plugin versions = 5.9, update ...
AdRotate Banner Manager < 5.9.1 - Password Change via CSRF
The plugin does not have CSRF checks in some places, which could allow attackers to make a logged admin change their password via CSRF attacks...
WordPress AdRotate Banner Manager plugin <= 5.9 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities
Multiple Cross-Site Request Forgery CSRF vulnerabilities leading to resetting some of the maintenance settings Reset tasks, Disable the third party, Update Database were discovered by Muhammad Daffa Patchstack Alliance in the WordPress AdRotate Banner Manager plugin versions = 5.9. Solution...