WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

AdRotate – Ad manager & AdSense Ads

2022-04-11
Adrotate < 5.8.23 - Admin+ XSS via Advert Name
Fixed in version 5.8.23
2022-04-11
Adrotate < 5.8.23 - Admin+ XSS via Group Name
Fixed in version 5.8.23
2022-02-07
AdRotate < 5.8.22 - Admin+ SQL Injection
Fixed in version 5.8.22
2020-06-03
AdRotate < 5.8.4 - Authenticated SQL Injection
Fixed in version 5.8.4
2019-07-11
AdRotate Banner Manager <= 5.2 - Authenticated SQL Injection
Fixed in version 5.3
2014-08-01
AdRotate <= 3.9.4 - clicktracker.php track Parameter SQL Injection
Fixed in version 3.9.5
2014-08-01
AdRotate <= 3.6.6 - SQL Injection
Fixed in version 3.6.8
2014-08-01
AdRotate <= 3.6.5 - SQL Injection
Fixed in version 3.6.8