cleantalk
Vulnerabilities and Security Researches

Advanced Ads – Ad Manager & AdSense, CVE-2025-13592

CVE, Research URL

CVE-2025-13592

Home page URL

Security reports for Advanced Ads – Ad Manager & AdSense

Application

Advanced Ads – Ad Manager & AdSense

Published on
Dec 30, 2025
Research Description
The Advanced Ads plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.0.14 via the 'change-ad__content' shortcode parameter. This allows authenticated attackers with editor-level permissions or above, to execute code on the server.
Affected versions
max 2.0.15.
Status
vulnerable
Previous vulnerability researches
Advanced ads Management by Inazo (43d0bf85cc455322a9cd5d5c7579ff8d24af3c54) , Jun 07, 2024
Advanced Ads – Ad Manager & AdSense (CVE-2025-10487) , Nov 11, 2025
Advanced Ads – Ad Manager & AdSense (7f7383fa1342eeb58c7d7371701dd92ec8bebac3) , Jun 07, 2024
Advanced Ads – Ad Manager & AdSense (CVE-2022-32776) , Jun 07, 2024
Advanced Ads – Ad Manager & AdSense (CVE-2024-2290) , Jun 07, 2024
New vulnerability
Visual Website Collaboration, Feedback & Project Management – Atarim (CVE-2026-25019) , Feb 27, 2026
Visual Website Collaboration, Feedback & Project Management – Atarim (CVE-2025-67993) , Feb 27, 2026
Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Plugin for WordPress (CVE-2026-24965) , Feb 27, 2026
Nelio AB Testing (CVE-2026-25378) , Feb 27, 2026
VK All in One Expansion Unit (CVE-2025-11737) , Feb 27, 2026