2 matches found
WordPress Ads Pro plugin <= 4.89 - Unauthenticated Time-Based SQL Injection via ‘bsa_pro_id' vulnerability
Unauthenticated Time-Based SQL Injection via ‘bsaproid' vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Ads Pro versions = 4.89...
CVE-2025-5339
The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ‘bsaproid’ parameter in all versions up to, and including, 4.89 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on...