cleantalk
Vulnerabilities and Security Researches

Advanced ads Management by Inazo, 83748619e34aa47e21c32a4e080e7829c69fcbb0

CVE, Research URL

83748619e34aa47e21c32a4e080e7829c69fcbb0

Home page URL

Security reports for Advanced ads Management by Inazo

Application

Advanced ads Management by Inazo

Published on
Sep 06, 2016
Research Description
Advanced ads Management by Inazo [inazo-advanced-ads-management] < 1.4 Inazo Advanced Ads Management < 1.4 - Authenticated Stored Cross-Site Scripting The Inazo Advanced Ads Management plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘adds’ parameter in versions before 1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with low-level privileges or above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions
max 1.4.
Status
vulnerable
Previous vulnerability researches
Advanced ads Management by Inazo (43d0bf85cc455322a9cd5d5c7579ff8d24af3c54) , Jun 07, 2024
Advanced ads Management by Inazo (83748619e34aa47e21c32a4e080e7829c69fcbb0) , Jun 16, 2026
Advanced ads Management by Inazo (63dad79a-aa7a-4607-afe4-e1c218b31da6) , Jun 16, 2026
Advanced Ads – Ad Manager &amp; AdSense (e83c33af3964f299b7ca2b4f32c9ddbf9551b285) , Jun 16, 2026
Advanced Ads – Ad Manager &amp; AdSense (CVE-2025-10487) , Nov 11, 2025
New vulnerability
Web Push Notifications by PushEngage: WordPress Push Notifications to Supercharge Your Engagement (CVE-2026-52698) , Jun 19, 2026
CF7 to Webhook (CVE-2026-11395) , Jun 19, 2026
W3 Total Cache (CVE-2026-39595) , Jun 19, 2026
Advanced Ads – Ad Manager &amp; AdSense (CVE-2026-54816) , Jun 19, 2026
Advanced Order Export For WooCommerce (CVE-2026-11360) , Jun 19, 2026