VYPR

Advanced Ads

by WordPress

Source repositories

CVEs (3)

  • CVE-2024-2290HigMay 14, 2024
    risk 0.47cvss 7.2epss 0.01

    The Advanced Ads plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.52.1 via deserialization of untrusted input in the 'placement_slug' parameter. This makes it possible for authenticated attackers to inject a PHP Object. No POP…

  • CVE-2025-13592HigDec 29, 2025
    risk 0.40cvss 7.2epss 0.01

    The Advanced Ads plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.0.14 via the 'change-ad__content' shortcode parameter. This allows authenticated attackers with editor-level permissions or above, to execute code on the server.

  • CVE-2026-54816Jun 17, 2026
    risk 0.00cvss epss 0.00

    Improper Control of Generation of Code ('Code Injection') vulnerability in Monetizemore Advanced Ads allows Remote Code Inclusion. This issue affects Advanced Ads: from n/a through 2.0.21.