WordPress Plugin Vulnerabilities

Simple Ads Manager < 2.7.102 - Arbitrary File Upload & SQL Injection

Description

The simple-ads-manager WordPress plugin was affected by an Arbitrary File Upload & SQL Injection security vulnerability.

Affects Plugins

Plugin icon
simple-ads-manager
Fixed in 2.7.102

References

CVE
CVE-2015-2824
CVE
CVE-2015-2825
CVE
CVE-2015-2826
Exploitdb
36613
Exploitdb
36614
Exploitdb
36615
URL
https://packetstormsecurity.com/files/#131280/
URL
https://packetstormsecurity.com/files/#131281/
URL
https://packetstormsecurity.com/files/#131282/
URL
https://seclists.org/bugtraq/2015/Apr/10

Miscellaneous

Verified
No
WPVDB ID
89f75c74-4126-467b-aadd-04b1c1bbc941

Timeline

Publicly Published
2015-04-02 (about 11 years ago)
Added
2015-04-04 (about 11 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2019-07-11
Title
School Management < 57.0 - CSRF and Stored XSS
Published
2019-06-27
Title
Block WP Login < 1.3.2 - CSRF and Unauthorised Settings Update
Published
2015-05-08
Title
YARPP – Yet Another Related Posts Plugin 4.2.4 - CSRF / XSS / RCE
Published
2020-01-29
Title
Portfolio Filter Gallery < 1.1.3 - CSRF & Reflected XSS
Published
2019-05-25
Title
Related YouTube Videos <= 1.9.8 - CSRF & XSS