Lucene search
+L

1841 matches found

EUVD
EUVD
added 2026/06/17 6:35 p.m.11 views

EUVD-2025-210250

Unauthenticated SQL Injection in Advanced Ads – Tracking 3.0.7 versions...

9.3CVSS5.7AI score0.00383EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 2:17 p.m.11 views

CVE-2026-54816

Improper Control of Generation of Code 'Code Injection' vulnerability in Monetizemore Advanced Ads allows Remote Code Inclusion. This issue affects Advanced Ads: from n/a through 2.0.21...

7.5CVSS0.00292EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 2:17 p.m.15 views

CVE-2025-59554

Unauthenticated SQL Injection in Advanced Ads – Tracking 3.0.7 versions...

9.3CVSS0.00383EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 1:37 p.m.11 views

EUVD-2026-37707

Improper Control of Generation of Code 'Code Injection' vulnerability in Monetizemore Advanced Ads allows Remote Code Inclusion. This issue affects Advanced Ads: from n/a through 2.0.21...

7.5CVSS5.4AI score0.00292EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 1:37 p.m.36 views

CVE-2026-54816 WordPress Advanced Ads plugin <= 2.0.21 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Monetizemore Advanced Ads allows Remote Code Inclusion. This issue affects Advanced Ads: from n/a through 2.0.21...

7.5CVSS0.00292EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/17 1:22 p.m.9 views

WordPress Ads by WPQuads plugin <= 3.0.3 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by HaiND in WordPress Plugin Ads by WPQuads versions = 3.0.3...

7.5CVSS5.8AI score0.00294EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/06/17 12:47 p.m.30 views

CVE-2025-59554 WordPress Advanced Ads – Tracking plugin < 3.0.7 - SQL Injection vulnerability

Unauthenticated SQL Injection in Advanced Ads – Tracking 3.0.7 versions...

9.3CVSS0.00383EPSS
Exploits0References1
HackRead
HackRead
added 2026/06/15 10:2 a.m.16 views

Over 50 Android Apps Found Spreading MagicAd Trojan via Official Stores

Over 50 Android apps on official stores spread MagicAd trojan, using system tricks to force background ads even after infected apps are closed...

5.3AI score
Exploits0
OSV
OSV
added 2026/06/11 1:28 p.m.12 views

GHSA-9GW6-46QC-99VR Meta Ads MCP: Unauthenticated HTTP MCP Tool Execution Leaks Operator Meta Access Token

Unauthenticated HTTP MCP Tool Execution Leaks Operator Meta Access Token | Field | Value | | ---------------- | ----- | | Repository | pipeboard-co/meta-ads-mcp | | Affected version | ≤ 1.0.101 commit 496c988 7d14226; Versions 1.0.102–1.0.105 lack git tags, so patch status is unconfirmed. | |...

9.1CVSS5.8AI score0.0013EPSS
Exploits0References3
Snyk
Snyk
added 2026/06/11 1:28 p.m.8 views

Insufficiently Protected Credentials

Overview meta-ads-mcp is a Model Context Protocol MCP server for Meta Ads - Use Remote MCP at pipeboard.co for easiest setup Affected versions of this package are vulnerable to Insufficiently Protected Credentials via the AuthInjectionMiddleware.dispatch process. An attacker can gain unauthorized...

9.3CVSS5.8AI score0.0013EPSS
Exploits0References4
HackRead
HackRead
added 2026/06/08 6:56 p.m.24 views

Operation FlutterBridge Uses Fake Google Ads to Spread macOS Backdoor

Operation FlutterBridge uses fake Google ads and shell companies to deploy FlutterShell, a new macOS backdoor targeting unsuspecting users...

5.5AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/06 2:28 a.m.9 views

CVE-2026-9280

The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL Parameters in iframe Mode in all versions up to, and including, 2.8.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

6.1CVSS5.7AI score0.00225EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.15 views

WordPress plugin Ad Inserter – Ad Manager & AdSense Ads 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.1CVSS5.4AI score0.00225EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.11 views

CVE-2026-36358

Cross Site Scripting vulnerability in Juzaweb CMS v.5.0.0 allows a remote attacker via execute arbitrary code via a crafted script to the Add Banner Ads function...

5.4CVSS6AI score0.00202EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.11 views

CVE-2026-5488

The ExactMetrics – Google Analytics Dashboard for WordPress plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 9.1.2. This is due to missing capability checks in the getadsaccesstoken and resetexperience AJAX handlers. While the mi-admin-nonce is localized...

5.3CVSS5.5AI score0.00258EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.12 views

CVE-2026-45210

Missing Authorization vulnerability in Broadstreet Broadstreet Ads broadstreet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broadstreet Ads: from n/a through = 1.52.2...

5.4CVSS5.5AI score0.0017EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.10 views

CVE-2026-42744

Improper Validation of Specified Quantity in Input vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded allows Manipulating Hidden Fields.This issue affects Ads by WPQuads: from n/a through = 3.0.2...

6.5CVSS5.4AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:30 p.m.11 views

CVE-2026-42732

Improper Validation of Specified Quantity in Input vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded allows Input Data Manipulation.This issue affects Ads by WPQuads: from n/a through = 3.0.2...

6.5CVSS5.4AI score0.00248EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.11 views

CVE-2026-5371

The MonsterInsights – Google Analytics Dashboard for WordPress Website Stats Made Easy plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability checks on the getadsaccesstoken and resetexperience functions in all versions up to, and including,...

7.1CVSS5.5AI score0.00349EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2026/06/04 11:19 a.m.17 views

FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads

Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell. According to Palo Alto Networks Unit 42, the campaign is said to be the next stage of a previously reported activity cluster dubbed...

6.1AI score
Exploits0
Rows per page
Query Builder