CVE-2026-40782

CVE-2026-40782 : Unauthenticated Broken Access Control in WordPress WPAdverts plugin (versions

CVE-2026-27092 WordPress WPAdverts plugin <= 2.3.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Greg Winiarski WPAdverts wpadverts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPAdverts: from n/a through = 2.3.0...

CVE-2025-54024

CVE-2025-54024 : WPAdverts (WordPress plugin) contains a DOM-based XSS due to improper input neutralization during page generation, affecting versions up to 2.2.5. Exploitation details are not provided in the documents. A fix exists in WPAdverts 2.2.5; upgrading to a newer version is recommended ...

PT-2025-20078 · WordPress · Wpadverts

Name of the Vulnerable Software and Affected Versions: WPAdverts versions through 2.2.2 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion. This is a ty...

WordPress WPAdverts – Classifieds Plugin Plugin <= 2.1.6 is vulnerable to Cross Site Scripting (XSS)

Software WPAdverts – Classifieds Plugin Type Plugin Vulnerable versions = 2.1.6 Fixed in 2.1.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10108 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d98a67dcc148 Credits...