CVE-2022-0267

The AdRotate WordPress plugin before 5.8.22 does not sanitise and escape the adrotateaction before using it in a SQL statement via the adrotaterequestaction function available to admins, leading to a SQL injection...

CVE-2022-0649

The AdRotate WordPress plugin before 5.8.23 does not escape Group Names, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2022-0662

The AdRotate WordPress plugin before 5.8.23 does not sanitise and escape Advert Names which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

EUVD-2021-11052

Malware in sbrugna...

EUVD-2011-4589

Malware in sbrugna...

CVE-2021-24138

Unvalidated input in the AdRotate WordPress plugin, versions before 5.8.4, leads to Authenticated SQL injection via param "id". This requires an admin privileged user...

WordPress AdRotate plugin cross-site scripting vulnerability (CNVD-2022-59803)

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plug-in. Cross-site scripting vulnerabilities exist in versions of WordPress AdRotate plugin prior to 5.8.23. The...

WordPress AdRotate plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. Cross-site scripting vulnerabilities exist in versions of WordPress AdRotate plugin prior to 5.8.23, which st...

CVE-2022-0662

The AdRotate WordPress plugin before 5.8.23 does not sanitise and escape Advert Names which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2022-0649

The AdRotate WordPress plugin before 5.8.23 does not escape Group Names, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

WordPress plugin AdRotate 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plug-in. Cross-site scripting vulnerabilities exist in versions of WordPress AdRotate plugin prior to 5.8.23. The...

WordPress AdRotate Plugin SQL Injection Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress AdRotate Plugin versions prior to 5.8.22. The vulnerability...

CVE-2022-0267

The AdRotate WordPress plugin before 5.8.22 does not sanitise and escape the adrotateaction before using it in a SQL statement via the adrotaterequestaction function available to admins, leading to a SQL injection...

WordPress plugin AdRotate SQL注入漏洞

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress AdRotate Plugin versions prior to 5.8.22. The vulnerability...

CVE-2021-24138

Unvalidated input in the AdRotate WordPress plugin, versions before 5.8.4, leads to Authenticated SQL injection via param "id". This requires an admin privileged user...

CVE-2021-24138

Unvalidated input in the AdRotate WordPress plugin, versions before 5.8.4, leads to Authenticated SQL injection via param "id". This requires an admin privileged user...

CVE-2021-24138 AdRotate < 5.8.4 - Authenticated SQL Injection

Unvalidated input in the AdRotate WordPress plugin, versions before 5.8.4, leads to Authenticated SQL injection via param "id". This requires an admin privileged user...

WordPress AdRotate plugin <= 5.8.3 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection SQLi vulnerability found by Nguyen Anh Tien in WordPress AdRotate plugin versions = 5.8.3. Solution Update the WordPress AdRotate plugin to the latest available version at least 5.8.4...

WordPress AJdG AdRotate Plugin SQL Injection Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.AJdG AdRotate plugin is an ad management plugin used in it. A SQL injection vulnerability exists in WordPress AJdG AdRotate plugin...

CVE-2019-13570

The AJdG AdRotate plugin before 5.3 for WordPress allows SQL Injection...