4 matches found
CVE-2015-2825
The CVE-2015-2825 vulnerability affects the WordPress Simple Ads Manager plugin (pre-2.5.96). It is an arbitrary/file-upload vulnerability in sam-ajax-admin.php that allows remote attackers to upload a file with an executable extension and later access it via a direct request to the uploaded path...
CVE-2015-2824
CVE-2015-2824 affects the WordPress Simple Ads Manager plugin (versions before 2.7.97). The vulnerability is a SQL injection in multiple parameters exposed via sam-ajax.php and sam-ajax-admin.php: (1) hits[][] in sam_hits, (2) cstr in load_posts, (3) searchTerm in load_combo_data, and (4) multipl...
CVE-2015-2826
The CVE-2015-2826 entry concerns the WordPress Simple Ads Manager plugin, specifically versions 2.5.94 and 2.5.96. A vulnerability in the sam-ajax-admin.php path allows remote attackers to disclose sensitive information. The PoC indicates a POST request to /wp-content/plugins/simple-ads-manager/s...
CVE-2017-20095
CVE-2017-20095 affects the WordPress plugin Simple Ads Manager . The connected sources describe a remote, network-exploitable vulnerability that leads to code injection due to manipulation of unknown code. Public documentation labels it as critical/high impact (e.g., NVD CVSS v3.1 base score 9.8,...