cleantalk
Vulnerabilities and Security Researches

Ad Inserter – Ad Manager & AdSense Ads, CVE-2023-4668

CVE, Research URL

CVE-2023-4668

Home page URL

Security reports for Ad Inserter – Ad Manager & AdSense Ads

Application

Ad Inserter – Ad Manager & AdSense Ads

Published on
Oct 20, 2023
Research Description
The Ad Inserter for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.30 via the ai-debug-processing-fe URL parameter. This can allow unauthenticated attackers to extract sensitive data including installed plugins (present and active), active theme, various plugin settings, WordPress version, as well as some server settings such as memory limit, installation paths.
Affected versions
max 2.7.31.
Status
vulnerable
Previous vulnerability researches
Ad Inserter – Ad Manager & AdSense Ads (CVE-2024-49248) , Oct 18, 2024
Ad Inserter – Ad Manager & AdSense Ads (CVE-2025-22623) , Mar 07, 2025
Ad Inserter – Ad Manager & AdSense Ads (CVE-2022-0288) , Jun 06, 2024
Ad Inserter – Ad Manager & AdSense Ads (CVE-2025-11745) , Nov 11, 2025
Ad Inserter – Ad Manager & AdSense Ads (CVE-2015-9497) , Jun 06, 2024
New vulnerability
Wikipedia Preview (CVE-2025-52738) , Nov 11, 2025
Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (CVE-2025-62973) , Nov 11, 2025
GoCache (CVE-2025-62966) , Nov 11, 2025
WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc (CVE-2025-62006) , Nov 11, 2025
Ai Auto Tool Content Writing Assistant (Bard Writer, ChatGPT ) All in One (CVE-2025-12156) , Nov 11, 2025