Browse all 3 CVE security advisories affecting Ads by WPQuads. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Ads by WPQuads is a WordPress advertising plugin designed to display advertisements on websites. Historically, it has been associated with multiple security vulnerabilities, including cross-site scripting (XSS) and remote code execution (RCE) flaws, often stemming from insufficient input validation and sanitization. The plugin has been exploited in various attacks, with three CVEs currently documented. Security researchers have identified issues related to improper access controls and privilege escalation, potentially allowing unauthorized users to execute malicious code or compromise website integrity. These vulnerabilities have made the plugin a target for attackers seeking to distribute malware or inject malicious advertisements into legitimate websites.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-30876 | WordPress Ads by WPQuads plugin <= 2.0.87.1 - SQL Injection Vulnerability — Ads by WPQuadsCWE-89 | 9.3 | Critical | 2025-04-01 |
| CVE-2025-30855 | WordPress Ads by WPQuads plugin <= 2.0.87.1 - Broken Access Control Vulnerability — Ads by WPQuadsCWE-862 | 7.5 | High | 2025-03-31 |
| CVE-2024-47317 | WordPress Ads by WPQuads plugin <= 2.0.84 - Broken Access Control vulnerability — Ads by WPQuadsCWE-862 | 4.3 | Medium | 2024-11-01 |
This page lists every published CVE security advisory associated with Ads by WPQuads. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.