2025-12-29 18:20:50
Wordfence
PUBLISHED
The Advanced Ads plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.0.14 via the change-ad__content shortcode parameter. This allows authenticated attackers with editor-level permissions or above, to execute code on the server.