WordPress Plugin Adning Advertising < 1.5.6 - Arbitrary File Upload
The Adning Advertising plugin for WordPress versions below 1.5.6 is vulnerable to arbitrary file upload, allowing attackers to upload malicious files to the server.
References:
- https://www.wordfence.com/blog/2020/07/critical-vulnerabilities-patched-in-adning-advertising-plugin/
- https://blog.nintechnet.com/critical-vulnerability-in-adning-advertising-plugin-actively-exploited-in-the-wild/
- https://codecanyon.net/item/wp-pro-advertising-system-all-in-one-ad-manager/269693
- https://nvd.nist.gov/vuln/detail/CVE-2020-36728
Short Info
Level
Medium
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
2 weeks 13 hours
Scan only one
Domain, Subdomain, IPv4
Toolbox