cleantalk
Vulnerabilities and Security Researches

AdRotate Banner Manager – The only ad manager you'll need, CVE-2021-24138

CVE, Research URL

CVE-2021-24138

Home page URL

Security reports for AdRotate Banner Manager – The only ad manager you'll need

Application

AdRotate Banner Manager – The only ad manager you'll need

Published on
Mar 18, 2021
Research Description
Unvalidated input in the AdRotate WordPress plugin, versions before 5.8.4, leads to Authenticated SQL injection via param "id". This requires an admin privileged user.
Affected versions
max 5.8.4.
Status
vulnerable
Previous vulnerability researches
AdRotate Banner Manager – The only ad manager you'll need (CVE-2022-1206) , Aug 21, 2024
AdRotate Banner Manager – The only ad manager you'll need (CVE-2014-1854) , Jun 06, 2024
AdRotate Banner Manager – The only ad manager you'll need (CVE-2022-0649) , Jun 06, 2024
AdRotate Banner Manager – The only ad manager you'll need (CVE-2022-0662) , Jun 06, 2024
AdRotate Banner Manager – The only ad manager you'll need (CVE-2022-26366) , Jun 06, 2024
New vulnerability
Admin and Site Enhancements (ASE) , Jun 25, 2026
Advanced Google reCAPTCHA , Jun 25, 2026
Page Optimize , Jun 25, 2026
Image Optimizer by Elementor – Compress, Resize and Optimize Images , Jun 25, 2026
Facebook Chat Plugin – Live Chat Plugin for WordPress , Jun 25, 2026