The AdRotate Banner Manager β The only ad manager you'll need plugin for WordPress is vulnerable to arbitrary file uploads due to missing file extension sanitization in the adrotate_insert_media() function in all versions up to, and including, 5.13.2. This makes it possible for authenticated attack...
7.2CVSS
7.3AI Score
0.0004EPSS
Cross-Site Request Forgery (CSRF) in AdRotate Banner Manager Plugin <= 5.9 on WordPress.
8.8CVSS
8.9AI Score
0.001EPSS