CVE-2020-36728 — AI Deep Analysis Summary

🚨 **Essence**: Path Traversal (CWE-22) in Adning Advertising plugin. 📉 **Consequences**: Attackers can delete arbitrary files or upload malicious payloads, compromising server integrity.

🛡️ **Root Cause**: Improper input validation allowing **Path Traversal**. ⚠️ **CWE**: CWE-22. The plugin fails to sanitize file paths, enabling unauthorized file system access.

👥 **Affected**: WordPress Plugin **Adning Advertising**. 📦 **Version**: Below **1.5.6**. 🏢 **Vendor**: tunafish. 🌐 **Platform**: WordPress sites running this specific plugin.

💀 **Attacker Actions**: Upload malicious files (Webshells). 🗑️ Delete critical server files. 📂 Access sensitive data via path traversal. 🔓 **Privileges**: Server-level access depending on web server user rights.

🔓 **Threshold**: **LOW**. 🚫 **Auth**: No authentication required (PR:N). 🌍 **Vector**: Network (AV:N). ⚡ **Complexity**: Low (AC:L). Easy to exploit remotely.

🔥 **Exploitation**: **YES**. Active exploitation in the wild reported. 📜 **PoC**: Available via Nuclei templates. 📢 **Sources**: Wordfence & Nintechnet blogs confirm active threats.

🔍 **Self-Check**: Scan for **Adning Advertising** plugin. 🧪 **Tool**: Use Nuclei templates (CVE-2020-36728.yaml). 📊 **Indicator**: Check for version < 1.5.6. 🕵️‍♂️ **Verify**: Test file deletion/upload endpoints if safe.

🛠️ **Fix**: Upgrade to **Version 1.5.6** or higher. 📥 **Source**: Codecanyon/Official vendor. ✅ **Status**: Patched officially. 🔄 **Action**: Immediate update recommended.

🚧 **No Patch?**: Disable the plugin immediately. 🛑 **Isolate**: Restrict web server file permissions. 🧱 **WAF**: Block path traversal patterns (../). 📦 **Backup**: Secure existing files before mitigation.

⚡ **Urgency**: **CRITICAL**. 🔴 **Priority**: **P0**. 🚨 **Reason**: Unauthenticated, actively exploited, allows RCE/File Deletion. 🏃 **Action**: Patch NOW.