cleantalk
Vulnerabilities and Security Researches

Advanced Advertising System, CVE-2025-3433

CVE, Research URL

CVE-2025-3433

Home page URL

Security reports for Advanced Advertising System

Application

Advanced Advertising System

Published on
Apr 08, 2025
Research Description
The Advanced Advertising System plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.3.1. This is due to insufficient validation on the redirect url supplied via the 'redir' parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.
Affected versions
Min -, max 1.3.1.
Status
vulnerable
Previous vulnerability researches
CSV to Responsive Tables (CVE-2024-56012) , Mar 28, 2025
New vulnerability
Site Search 360 (CVE-2025-39530) , Apr 17, 2025
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders (CVE-2025-39589) , Apr 17, 2025
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders (CVE-2025-39590) , Apr 17, 2025
Basic Interactive World Map (CVE-2025-39517) , Apr 17, 2025
Dynamic Post (CVE-2025-39522) , Apr 17, 2025