15 matches found
Adning Advertising <= 1.5.5 - Arbitrary File Upload
The Adning Advertising plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ninguploadimage function in versions up to, and including, 1.5.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites...
CVE-2020-36728
The Adning Advertising plugin for WordPress is vulnerable to file deletion via path traversal in versions up to, and including, 1.5.5. This allows unauthenticated attackers to delete arbitrary files which can be used to reset and gain full control of a site...
CVE-2020-36705
The Adning Advertising plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ninguploadimage function in versions up to, and including, 1.5.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites...
CVE-2020-36705
The Adning Advertising plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ninguploadimage function in versions up to, and including, 1.5.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites...
CVE-2020-36705
The Adning Advertising plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ninguploadimage function in versions up to, and including, 1.5.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites...
CVE-2020-36728 Adning Advertising <= 1.5.5 - Unauthenticated Arbitrary File Deletion via Path Traversal
The Adning Advertising plugin for WordPress is vulnerable to file deletion via path traversal in versions up to, and including, 1.5.5. This allows unauthenticated attackers to delete arbitrary files which can be used to reset and gain full control of a site...
CVE-2020-36705 Adning Advertising <= 1.5.5 - Arbitrary File Upload
The Adning Advertising plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ninguploadimage function in versions up to, and including, 1.5.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites...
CVE-2020-36705 Adning Advertising <= 1.5.5 - Arbitrary File Upload
The Adning Advertising plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ninguploadimage function in versions up to, and including, 1.5.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites...
PT-2023-11847
Name of the Vulnerable Software and Affected Versions Adning Advertising plugin for WordPress versions up to, and including, 1.5.5 Description The issue arises from missing file type validation in the ning upload image function, allowing unauthenticated attackers to upload arbitrary files to the...
PT-2023-11870 · WordPress · Adning Advertising Plugin
Name of the Vulnerable Software and Affected Versions: Adning Advertising plugin for WordPress versions up to, and including, 1.5.5 Description: The issue allows unauthenticated attackers to delete arbitrary files via path traversal, potentially leading to a full control takeover of a site...
WordPress Plugin Adning Advertising 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Adning Advertising suffers...
PT-2022-21458 · WordPress · Advanced Ads – Ad Manager & Adsense
Name of the Vulnerable Software and Affected Versions: Advanced Ads – Ad Manager & AdSense plugin versions = 1.31.1 Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with admin privileges can inject malicious scripts...
CVE-2022-2170
The Microsoft Advertising Universal Event Tracking UET WordPress plugin before 1.0.4 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. Due to the nature of this...
Advertising Plugin for WordPress Threatens Full Site Takeovers
The Adning Advertising plugin for WordPress, a premium plugin with over 8,000 customers, contains a critical remote code-execution vulnerability with the potential to be exploited by unauthenticated attackers. The plugin’s author, Tunafish, has rolled out a patched version v.1.5.6, which site...
Joomla! iJoomla com_adagency plugin SQL Injection Vulnerability
Joomla! is the U.S. Open Source Matters team developed a set of open source content management system CMS, the system provides RSS feeds, site search and other functions. iJoomla comadagency plugin is used in one of the advertising plug-ins . A SQL injection vulnerability exists in version 6.0.9 ...