CVE-2026-12242

The AdRotate Banner Manager plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 5.17.7 via the 'banner' attribute of the adrotate shortcode. This is due to insufficient input validation and sanitization of the banner shortcode attribute before...

EUVD-2026-38758

The AdRotate Banner Manager plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 5.17.7 via the 'banner' attribute of the adrotate shortcode. This is due to insufficient input validation and sanitization of the banner shortcode attribute before...

CVE-2026-12242

CVE-2026-12242 affects the WordPress AdRotate Banner Manager plugin up to version 5.17.7. The vulnerability is PHP Code Injection via the banner attribute of the adrotate shortcode, caused by insufficient validation and sanitization before concatenation into a PHP code string wrapped in W3 Total ...

WordPress AdRotate Banner Manager plugin <= 5.17.7 - Authenticated (Contributor+) PHP Code Injection vulnerability

Authenticated Contributor+ PHP Code Injection vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin AdRotate Banner Manager versions = 5.17.7...

EUVD-2008-2753

Malware in sbrugna...

EUVD-2007-6258

Malware in sbrugna...

EUVD-2008-2754

Malware in sbrugna...

EUVD-2022-30925

Malicious code in bioql PyPI...

EUVD-2025-7953

Malicious code in bioql PyPI...

CVE-2022-1694

The Useful Banner Manager WordPress plugin through 1.6.1 does not perform CSRF checks on POST requests to its admin page, allowing an attacker to trick a logged in admin to add, modify or delete banners from the plugin by submitting a form...

CVE-2025-30565

Cross-Site Request Forgery CSRF vulnerability in karrikas banner-manager banner-manager allows Stored XSS.This issue affects banner-manager: from n/a through = 16.04.19...

CVE-2025-30565

Cross-Site Request Forgery CSRF vulnerability in karrikas banner-manager banner-manager allows Stored XSS.This issue affects banner-manager: from n/a through = 16.04.19...

CVE-2025-30565

CVE-2025-30565 (banner-manager) : CSRF to Stored XSS in the banner-manager plugin, affecting versions up to 16.04.19. The initial description confirms CSRF abuse enabling stored XSS, but does not specify root cause details or a patched version. Connected docs do not add technical fixes or exploit...

CVE-2025-30565 WordPress banner-manager plugin <= 16.04.19 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in karrikas banner-manager allows Stored XSS. This issue affects banner-manager: from n/a through 16.04.19...

CVE-2025-30565 WordPress banner-manager plugin <= 16.04.19 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in karrikas banner-manager banner-manager allows Stored XSS.This issue affects banner-manager: from n/a through = 16.04.19...

WordPress banner-manager plugin <= 16.04.19 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin banner-manager versions = 16.04.19...

WordPress plugin banner-manager 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

CVE-2022-1206

The AdRotate Banner Manager – The only ad manager you'll need plugin for WordPress is vulnerable to arbitrary file uploads due to missing file extension sanitization in the adrotateinsertmedia function in all versions up to, and including, 5.13.2. This makes it possible for authenticated attacker...

CVE-2022-1206

The AdRotate Banner Manager – The only ad manager you'll need plugin for WordPress is vulnerable to arbitrary file uploads due to missing file extension sanitization in the adrotateinsertmedia function in all versions up to, and including, 5.13.2. This makes it possible for authenticated attacker...

CVE-2022-1206

CVE-2022-1206 concerns the WordPress plugin AdRotate Banner Manager. The vulnerability is an arbitrary file upload caused by missing file extension sanitization in the adrotate_insert_media() function, affecting all versions up to and including 5.13.2. It requires authenticated access at administ...