AdRotate Banner Manager – The only ad manager you'll need

Wordfence Intelligence   >   Vulnerability Database   >   WordPress Plugins   >   AdRotate Banner Manager – The only ad manager you'll need

Information

Software Type Plugin
Software Slug adrotate (view on wordpress.org)
Software Status Active
Software Author adegans
Software Website ajdg.solutions
Software Downloads 3,512,007
Software Active Installs 30,000
Software Record Last Updated May 19, 2024

8 Vulnerabilities

AdRotate Banner Manager <= 5.9 - Cross-Site Request Forgery
8.8
CVE-2022-26366
Nov 11, 2022
Researcher: Muhammad Daffa
AdRotate – Ad manager & AdSense Ads <= 5.8.22 - Authenticated Stored Cross-Site Scripting via Group Names
5.5
CVE-2022-0649
Apr 11, 2022
Researcher: Muhamad Hidayat
AdRotate – Ad manager & AdSense Ads <= 5.8.22 - Authenticated Stored Cross-Site Scripting via Advert Names
5.5
CVE-2022-0662
Apr 11, 2022
Researcher: Muhamad Hidayat
AdRotate – Ad manager & AdSense Ads <= 5.8.17 - Admin+ SQL Injection
7.2
CVE-2022-0267
Feb 7, 2022
Researcher: ZhongFu Su
AdRotate < 5.8.4 - Authenticated SQL Injection
7.2
CVE-2021-24138
Jun 3, 2020
Researcher: Nguyen Anh Tien
AdRotate – Ad manager & AdSense Ads <= 5.2 - Authenticated SQL Injection
7.2
CVE-2019-13570
Jul 11, 2019
Researcher: Tin Duong
AdRotate – Ad manager & AdSense Ads 3.9 - 3.9.4 - SQL Injection
9.8
CVE-2014-1854
Feb 22, 2014
Researchers:
AdRotate – Ad manager & AdSense Ads < 3.6.8 - SQL Injection
9.8
CVE-2011-4671
Nov 8, 2011
Researcher: Miroslav Stampar
Title Status CVE ID CVSS Researchers Date
AdRotate Banner Manager <= 5.9 - Cross-Site Request Forgery Patched CVE-2022-26366 8.8 Muhammad Daffa November 11, 2022
AdRotate – Ad manager & AdSense Ads <= 5.8.22 - Authenticated Stored Cross-Site Scripting via Group Names Patched CVE-2022-0649 5.5 Muhamad Hidayat April 11, 2022
AdRotate – Ad manager & AdSense Ads <= 5.8.22 - Authenticated Stored Cross-Site Scripting via Advert Names Patched CVE-2022-0662 5.5 Muhamad Hidayat April 11, 2022
AdRotate – Ad manager & AdSense Ads <= 5.8.17 - Admin+ SQL Injection Patched CVE-2022-0267 7.2 ZhongFu Su February 7, 2022
AdRotate < 5.8.4 - Authenticated SQL Injection Patched CVE-2021-24138 7.2 Nguyen Anh Tien June 3, 2020
AdRotate – Ad manager & AdSense Ads <= 5.2 - Authenticated SQL Injection Patched CVE-2019-13570 7.2 Tin Duong July 11, 2019
AdRotate – Ad manager & AdSense Ads 3.9 - 3.9.4 - SQL Injection Patched CVE-2014-1854 9.8 February 22, 2014
AdRotate – Ad manager & AdSense Ads < 3.6.8 - SQL Injection Patched CVE-2011-4671 9.8 Miroslav Stampar November 8, 2011

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation