WordPress Plugin Adning Advertising < 1.5.6 - Arbitrary File Upload

Short Info

Level

Medium

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

2 weeks 13 hours

Scan only one

Domain, Subdomain, IPv4

Toolbox

-

The Adning Advertising plugin for WordPress versions below 1.5.6 is vulnerable to arbitrary file upload, allowing attackers to upload malicious files to the server.

References:

https://www.wordfence.com/blog/2020/07/critical-vulnerabilities-patched-in-adning-advertising-plugin/
https://blog.nintechnet.com/critical-vulnerability-in-adning-advertising-plugin-actively-exploited-in-the-wild/
https://codecanyon.net/item/wp-pro-advertising-system-all-in-one-ad-manager/269693
https://nvd.nist.gov/vuln/detail/CVE-2020-36728

Get started to protecting your digital assets

Start trial See the plans

WordPress Plugin Adning Advertising < 1.5.6 - Arbitrary File Upload

Short Info

-

Detail

Category