cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forwpadcenter wpadcenter

Direction: ascending
Sep 07, 2024

WP AdCenter – Ad Manager & Adsense Ads # CVE-2024-8317

CVE, Research URL

CVE-2024-8317

Home page URL

Security reports for WP AdCenter – Ad Manager & Adsense Ads

Application

WP AdCenter – Ad Manager & Adsense Ads

Date
Sep 06, 2024
Research Description
The WP AdCenter – Ad Manager & Adsense Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ad_alignment’ attribute in all versions up to, and including, 2.5.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions
Min -, max -.
Status
vulnerable
Nov 16, 2024

WP AdCenter – Ad Manager & Adsense Ads # CVE-2024-10113

CVE, Research URL

CVE-2024-10113

Home page URL

Security reports for WP AdCenter – Ad Manager & Adsense Ads

Application

WP AdCenter – Ad Manager & Adsense Ads

Date
Nov 15, 2024
Research Description
The WP AdCenter – Ad Manager & Adsense Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpadcenter_ad shortcode in all versions up to, and including, 2.5.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions
Min -, max -.
Status
vulnerable
Apr 04, 2025

WP AdCenter – Ad Manager & Adsense Ads # CVE-2025-31860

CVE, Research URL

CVE-2025-31860

Home page URL

Security reports for WP AdCenter – Ad Manager & Adsense Ads

Application

WP AdCenter – Ad Manager & Adsense Ads

Date
Apr 01, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPeka WP AdCenter allows Stored XSS. This issue affects WP AdCenter: from n/a through 2.5.9.
Affected versions
Min -, max -.
Status
vulnerable
Jul 03, 2025

WP AdCenter – Ad Manager & Adsense Ads # CVE-2025-53278

CVE, Research URL

CVE-2025-53278

Home page URL

Security reports for WP AdCenter – Ad Manager & Adsense Ads

Application

WP AdCenter – Ad Manager & Adsense Ads

Date
Jun 27, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPeka WP AdCenter allows Stored XSS. This issue affects WP AdCenter: from n/a through 2.6.0.
Affected versions
Min -, max -.
Status
vulnerable