Vulnerabilities and security researches forinazo-advanced-ads-management inazo-advanced-ads-management
Direction: ascendingJun 07, 2024
Advanced ads Management by Inazo # 43d0bf85cc455322a9cd5d5c7579ff8d24af3c54
- CVE, Research URL
- Home page URL
- Application
- Date
- Sep 06, 2016
- Research Description
- Advanced ads Management by Inazo [inazo-advanced-ads-management] < 1.4 WordPress Advanced Ads Management Plugin <= 1.3 - XSS This WordPress plugin is prone to a cross-site scripting (XSS) vulnerability. It allows remote attackers to inject arbitrary script or HTML. Update the plugin.
- Affected versions
-
max 1.4.
- Status
-
vulnerable
Jun 16, 2026
Advanced ads Management by Inazo # 83748619e34aa47e21c32a4e080e7829c69fcbb0
- CVE, Research URL
- Home page URL
- Application
- Date
- Sep 06, 2016
- Research Description
- Advanced ads Management by Inazo [inazo-advanced-ads-management] < 1.4 Inazo Advanced Ads Management < 1.4 - Authenticated Stored Cross-Site Scripting The Inazo Advanced Ads Management plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘adds’ parameter in versions before 1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with low-level privileges or above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
- Affected versions
-
max 1.4.
- Status
-
vulnerable
Advanced ads Management by Inazo # 63dad79a-aa7a-4607-afe4-e1c218b31da6
- CVE, Research URL
- Home page URL
- Application
- Date
- -
- Research Description
- Advanced ads Management by Inazo [inazo-advanced-ads-management] < 1.4 Advanced ads Management <= 1.3 - Authenticated Stored Cross-Site Scripting (XSS) Any authenticated user, including authors, can embed JavaScript via the 'HTML Codes' functionality when creating a new add. Embedding JavaScript should be restricted to users with the 'unfiltered_html' capability.
- Affected versions
-
max 1.4.
- Status
-
vulnerable