Security Advisory

CVE-2025-13592

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-29 18:20:50

Last updated 2026-04-08 17:34:16

Assigner Wordfence

State PUBLISHED

Description

The Advanced Ads plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.0.14 via the change-ad__content shortcode parameter. This allows authenticated attackers with editor-level permissions or above, to execute code on the server.

← Browse all CVEs View on cve.org ↗